Visible to the public Wearable Device User Authentication Using Physiological and Behavioral Metrics

TitleWearable Device User Authentication Using Physiological and Behavioral Metrics
Publication TypeConference Paper
Year of Publication2017
AuthorsVhaduri, S., Poellabauer, C.
Conference Name2017 IEEE 28th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC)
KeywordsActivity-based Fingerprint, Apple Watch, authentication, authorisation, behavioral metrics, Biomedical monitoring, biometrics (access control), coarse-grain minute-level physical activity, feature extraction, Fitbit users, Health Care, healthcare, healthcare providers, Heart rate, Human Behavior, message authentication, Microsoft Band, Microsoft Windows, mobile computing, one-time authentication approaches, patient monitoring, physiological data, Physiological Fingerprint, physiological metrics, privacy, pubcrawl, Reliable Data Collection, resilience, Resiliency, Scalability, Sensors, smart wearables, Standards, wearable computers, wearable device user authentication, Wearable Security, Wearable-User Authentication, wearable-user authentication mechanism, wearables security, wellness-related metrics

Wearables, such as Fitbit, Apple Watch, and Microsoft Band, with their rich collection of sensors, facilitate the tracking of healthcare- and wellness-related metrics. However, the assessment of the physiological metrics collected by these devices could also be useful in identifying the user of the wearable, e.g., to detect unauthorized use or to correctly associate the data to a user if wearables are shared among multiple users. Further, researchers and healthcare providers often rely on these smart wearables to monitor research subjects and patients in their natural environments over extended periods of time. Here, it is important to associate the sensed data with the corresponding user and to detect if a device is being used by an unauthorized individual, to ensure study compliance. Existing one-time authentication approaches using credentials (e.g., passwords, certificates) or trait-based biometrics (e.g., face, fingerprints, iris, voice) might fail, since such credentials can easily be shared among users. In this paper, we present a continuous and reliable wearable-user authentication mechanism using coarse-grain minute-level physical activity (step counts) and physiological data (heart rate, calorie burn, and metabolic equivalent of task). From our analysis of 421 Fitbit users from a two-year long health study, we are able to statistically distinguish nearly 100% of the subject-pairs and to identify subjects with an average accuracy of 92.97%.

Citation Keyvhaduri_wearable_2017