Cry and Authenticate How AI is Changing Security

I constantly have thoughts buzzing in my head, and I need to throw them somewhere or they'll just fly away. So I thought I’d write a few articles about how our lives are becoming more like the movies and games we grew up with. Let’s get started.

Today, let’s talk about security and all the issues that come with it. Do you remember that you always use a billion passwords to access your bank, your apps, your services, your entertainment, and so on? There's two-factor authentication and all that jazz, but emails and accounts still get hacked, stolen, and used in ways we don't understand. It’s unfair, right?

I bet you’re thinking that your password is super complex and no one could ever crack it. It has tons of symbols, an obscure logic, numbers, and all kinds of complexities, right? And for another service, you have a similarly complicated password that’s hard to pronounce? Ha, now tell me, how do you store all of this? What do you use to access the place where it’s all kept? A weak password, because if you forget it, you’ll lose everything else? Ha, I can just picture the hacker thinking, “Ooooh, yeah, 100-500 characters in the password, no way to crack that.” But wait, where's the password from? The storage? And there it is, the password is 1234 =) LOL

So what’s the point of all this? Do you realize that soon AI will help us reach a new level of security and speed for authorization and authentication? Big words? Don’t worry, I’ll explain everything.

The first word, authorization, is about understanding that you can use a particular service, while authentication is the process of gaining rights and access within the authorized service. For example, you wanted to play a game, logged in, but you can’t do everything—you can only do what you're allowed to do.

So how can AI help here? Let’s recall the movie "Blade Runner", where there was a test to determine if you're human. Do you know what this process is called?

Deep psychological analysis of personality — it’s a process where data is gathered about your emotional reactions, behavioral patterns, personality traits, and even cognitive characteristics. It’s like how you don’t just know your friend doesn’t like pineapples, but you also understand that their pizza choice will definitely depend on how good their day is and what emotions they’re feeling at that moment.

There are already a number of approaches that fall under psychometric analysis. For example, methods like Big Five or MBTI, which attempt to classify people into different personality types. These methods aren’t just theories—they are actively used in recruitment, marketing, and, of course, in security technology.

Psychological analysis is already being used in various fields. For instance, in 2014, psychologists at the University of Virginia conducted a study where they tried to assess how well people can hide their true feelings when tested using computer programs. Interestingly, these programs could accurately determine whether a person was aggressive or prone to stress by analyzing their linguistic patterns and emotional responses. Even cooler, one of the studies predicted that, to assess personality more accurately, we would be able to use behaviors on social media and reviews left about other people.

There’s also another research project—Psycho-Physiological Authentication. This is when not only your behavior and emotions are assessed but also your physiology, such as your pulse and galvanic skin response (like when you sweat while talking about your ex). This analysis can help create super-secure authentication systems.

How could we use this in real life? Imagine a system that uses your character, mood, language, and even your reactions to stress to authenticate you. Why not? If you always say “well, okay” in response to any inconvenient task, the system might notice that and categorize it as part of your personality. If you suddenly start getting nervous and quickly type responses in a messenger, it’s a sign of stress, and the system will request additional verification. Yes, the system will not only read your texts but analyze how you generally perceive information.

To make this work, you need to:

1. Collect data. Whether it’s text messages, voice recordings, mouse movements, or typing speed—everything will be analyzed to create your personality profile.
2. Train the machine. It’s crucial that the system has a good neural network capable of analyzing your behavior and correlating it with the psychoanalysis you’ve undergone online (or in real life). These systems are increasingly predicting the emotions you’re likely to feel when you encounter certain events.
3. Evaluation and verification. You don’t want your laptop determining that you’re upset and then giving you the results of a psychological test, right? So, it’s important to have multiple layers of verification to ensure the system identifies you as human, not as an android. For example, you could combine psychological analysis with traditional biometric methods (like fingerprints or facial recognition).

Pros:

• The system can automatically adapt to you, making your authentication as personalized as possible.
• No annoying passwords, PINs, or SMS codes—just your behavior.
• Potentially much more secure than standard passwords.

 Cons:

• Too much data about you could be used for manipulation.
• Privacy issues: who would like it if a system could determine your emotional reaction when you’ve just received some bad news?
• Implementing such a system requires a very powerful computing infrastructure and strong data protection.

Deep psychological analysis could become the key to the future of security, authorization, and authentication, but we still need to go through many more studies and experiments. However, we already see how technology is starting to actively use psychological aspects in data analysis. So, who knows? Maybe in the near future, to access your account, you’ll not only have to answer the question, "What did you feel at that moment?" but also prove you’re definitely a human, not just another robot taking your place.

May DevOps be with you!