Can a Smartband be Used for Continuous Implicit Authentication in Real Life

Abstract

The use of cloud services that process privacy-sensitive information such as digital banking, pervasive healthcare, smart home applications requires an implicit continuous authentication solution, which will make these systems less vulnerable to the spoofing attacks. Physiological signals can be used for continuous authentication due to their uniqueness. Ubiquitous wrist-worn wearable devices are equipped with photoplethysmogram sensors, which enable us to extract heart rate variability (HRV) features. In this study, we show that these devices can be used for continuous physiological authentication for enhancing the security of the cloud, edge services, and IoT devices. A system that is suitable for the smartband framework comes with new challenges such as relatively low signal quality and artifacts due to placement, which were not encountered in full lead electrocardiogram systems. After the artifact removal, cleaned physiological signals are fed to the machine learning algorithms. In order to train our machine learning models, we collected physiological data using off-the-shelf smartbands and smartwatches in a real-life event. By applying a minimum quality threshold, we achieved a 3.96% Equal Error Rate. Performance evaluation shows that HRV is a strong candidate for continuous unobtrusive implicit physiological authentication.