Usable User Authentication on a Smartwatch using Vibration

Abstract

Smartwatches have come into wide use in recent years, and a number of smartwatch applications that improve convenience and user health are being developed and introduced constantly. Moreover, the latest smartwatches are now designed to operate without their paired smartphones, and as such, it is necessary for smartwatches to independently authenticate users. In these current devices, personal identification numbers (PIN) or patterns are entered to authenticate users, but these methods require inconvenient interaction for the user and are not highly secure. Particularly relevant to smartwatch technology, even user authentication based on biometric information needs either special sensors capable of measuring biometric information or user interaction. In this paper, we propose a usable method for user authentication on smartwatches without additional devices. Based on the fact that vibration is absorbed, reflected, and propagated differently according to the physical structure of each human body, our method is designed as a challenge-response scheme, in which the challenge is a random sequence of multiple vibration types that are already built into current smartwatches. The responses to vibrations are measured by the default gyroscope and accelerometer sensors in smartwatches. Moreover, our method is the first working model for commercial smartwatch models with low specifications when vibrating and measuring responses. We evaluated our method using a commercial smartwatch, and the results show that our method is able to authenticate a user with an equal error rate (EER) of 1.37%.