The vibration knows who you are! A further analysis on usable authentication for smartwatch users

Sunwoo Lee, Wonsuk Choi, Dong Hoon Lee

Research output: Contribution to journalArticlepeer-review

Abstract

These days, smartwatches are becoming more common and can even operate in stand-alone mode. This increases the need for smartwatches to authenticate users independently without paired smartphones. Currently, password or pattern-based methods can authenticate the smartwatch users in stand-alone mode, but these methods are known to be vulnerable to simple attacks such as shoulder-surfing and password dictionary attacks. In addition, biometric-based methods, which are expected to release on smartwatches in the near future, require inconvenient user interaction or special sensors for measurement. In light of this, we propose a smartwatch user authentication method that does not require any additional sensors or user interaction. Based on the fact that the human body structure affects the way vibrations are absorbed, reflected, and propagated, we designed a smartwatch user authentication method based on a challenge-response structure using vibrations. In our method, a challenge is a set of fresh random vibrations, which are provided by default in current smartwatches, and a response to the challenge is measured by built-in gyroscope and accelerometer sensors. Our earlier study demonstrated that commercial smartwatch users can be authenticated with a low equal error rate (EER) of 1.37 %. In this paper, we extended the analysis of our method on various vibration types by using a prototype setup. As a result, we discovered an outperformed vibration type for user authentication. We conducted further analysis for users with heavier body weights as these individuals are more vulnerable to a not-in-wear attack. Finally, we conducted more advanced impersonation attacks on test participants with one or more similar physical indicators to demonstrate that our method is also secure against a wider range of more complex attacks.

Original languageEnglish
Article number103040
JournalComputers and Security
Volume125
DOIs
Publication statusPublished - 2023 Feb

Bibliographical note

Funding Information:
This research was supported by a National Research Foundation grant funded by the Korean Government Ministry of Science, Technology and Information and Communication under Grant NRF-2021R1A2C2014428.

Publisher Copyright:
© 2022 Elsevier Ltd

Keywords

  • Authentication
  • Biometrics
  • Signal Processing
  • Smartwatches
  • Usable Security

ASJC Scopus subject areas

  • Computer Science(all)
  • Law

Fingerprint

Dive into the research topics of 'The vibration knows who you are! A further analysis on usable authentication for smartwatch users'. Together they form a unique fingerprint.

Cite this