How emojis could make passcodes more secure

A British company has introduced an emoji-based passcode system. But is it a gimmick or a sign of things to come? 

Sign Up

Get the New Statesman's Morning Call email.

Hold onto your hats, teens and Twitterati: today, a company announced that they have created the first ever emoji-based security system. Intelligent Environments, a British producer of "digital financial services software", has created a four digit passcode system for online banking based solely on tiny pictures of faces, flames, et al. 

Rather than using your phone's emoji keyboard, the program lets you choose emoji onscreen. This could help bypass the fact that the code released to represent the images is then interpreted and designed by developers from different platforms; so Android emoji look slightly different to Apple's or Whatsapp's. This could make wider use of emoji passcode systems on websites, for example, harder to implement - if you were to use the same login system over different devices, you'd be confronted with drastically different praying emoji, for example, which could make logging in tricky. 

The company has also said that it's aiming the login system mainly at "15-25 year olds", as research carried out by the company apparently shows that "64 per cent of millenials regularly communicate only using emojis". So far, so patronising. But despite the technology's gimmicky beginnings, it may well have the potential to make traditional PIN and passcode technology far more secure.  


This is partly because the human brain finds it easier to memorise images than numbers or characters. That's why, for example, associating someone's name with a physical quality ("Rebecca with the red hair") makes it far easier to remember. In order to remember image-based passwords, users could make up a story to remember the sequence: "sad face + sun + burger = happy face", for example. Our relatively poor ability to accurately remember strings of numbers, meanwhile, can lead people to go for memorable dates like birthdays, or use the same number across different passwords and PINs.  

Of course, users could react in the same way to an emoji-based system, perhaps using the first four images to avoid scrolling through pages of options. But the greater number of images at users' disposal would also boost the passcodes' ability to thwart hackers. Using only the numbers 0-9 for a four character PIN, there are 10,000 possible unique combinations. But with the Intelligent Environments system, which would offer 44 different emoji (far fewer than the total on most phones), that number rises to 3,748,096. And using all 722 emoji available in the latest Unicode release, there are almost 272bn. Person Raising Both Hands In Celebration emoji to that. 

This mock-up shows how the program would look to its users: 

Photo: Intelligent Environments.

Barbara Speed is comment editor at the i, and was technology and digital culture writer at the New Statesman, and a staff writer at CityMetric.

Free trial CSS