Abstract

These days, smartwatches are becoming more common and can even operate in stand-alone mode. This increases the need for smartwatches to authenticate users independently without paired smartphones. Currently, password or pattern-based methods can authenticate the smartwatch users in stand-alone mode, but these methods are known to be vulnerable to simple attacks such as shoulder-surfing and password dictionary attacks. In addition, biometric-based methods, which are expected to release on smartwatches in the near future, require inconvenient user interaction or special sensors for measurement. In light of this, we propose a smartwatch user authentication method that does not require any additional sensors or user interaction. Based on the fact that the human body structure affects the way vibrations are absorbed, reflected, and propagated, we designed a smartwatch user authentication method based on a challenge-response structure using vibrations. In our method, a challenge is a set of fresh random vibrations, which are provided by default in current smartwatches, and a response to the challenge is measured by built-in gyroscope and accelerometer sensors. Our earlier study demonstrated that commercial smartwatch users can be authenticated with a low equal error rate (EER) of 1.37 %. In this paper, we extended the analysis of our method on various vibration types by using a prototype setup. As a result, we discovered an outperformed vibration type for user authentication. We conducted further analysis for users with heavier body weights as these individuals are more vulnerable to a not-in-wear attack. Finally, we conducted more advanced impersonation attacks on test participants with one or more similar physical indicators to demonstrate that our method is also secure against a wider range of more complex attacks.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.