There are a variety of biometric based person authentication schemes currently available. Traditional methods rely on physiological properties of a person such as their retina, iris, or fingerprint.  A more recent trend relies on behavioral aspects of a person such as signature, gait, voice, and keystroke dynamics.  The latest trend, cognitive biometrics, relies on cognitive and possibly even the emotional state of an individual.  Each methodology has their own advantages and disadvantages, and in many cases, a multi-modal approach may be required to suit the security requirements at hand. In this presentation, the scientific rationale for cognitive biometrics will be discussed, focusing on the issue of data acquisition methodologies that are currently deployed.  The scientific basis of cognitive biometrics relies on capturing the cognitive state of an individual - how a person responds to a set of stimuli.  When a visual and/or auditory stimuli is presented to a person, they respond in a characteristic fashion.  Prior to any motoric activity, the brain and/or emotional state of the person will undergo a change that is dependent on the stimulus, which is superimposed onto the current cognitive state of the individual.   These changes can be measured using both the electroencephalogram (EEG) and electrocardiogram (ECG).  The former is deployed to extract information regarding on-going brain activity, upon which is superimposed a stimulus used for the authentication process.  Likewise, the stimulus may contain emotive elements that can be detected using ECG technology.  The task for cognitive biometrics then is to map appropriate stimuli onto characteristic responses, extracting sufficient individuality for authentication, without burdening the user from a technological perspective.