WO2017144768A1 - Authentification biométrique comportementale - Google Patents

Authentification biométrique comportementale Download PDF

Info

Publication number
WO2017144768A1
WO2017144768A1 PCT/FI2016/050124 FI2016050124W WO2017144768A1 WO 2017144768 A1 WO2017144768 A1 WO 2017144768A1 FI 2016050124 W FI2016050124 W FI 2016050124W WO 2017144768 A1 WO2017144768 A1 WO 2017144768A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
sensor data
reliability threshold
feature data
feature
Prior art date
Application number
PCT/FI2016/050124
Other languages
English (en)
Inventor
Enrique MARTIN-LÓPEZ
Hongwei Li
Original Assignee
Nokia Technologies Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Technologies Oy filed Critical Nokia Technologies Oy
Priority to PCT/FI2016/050124 priority Critical patent/WO2017144768A1/fr
Publication of WO2017144768A1 publication Critical patent/WO2017144768A1/fr

Links

Classifications

    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/117Identification of persons
    • A61B5/1171Identification of persons based on the shapes or appearances of their bodies or parts thereof
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/0002Remote monitoring of patients using telemetry, e.g. transmission of vital signals via a communication network
    • A61B5/0015Remote monitoring of patients using telemetry, e.g. transmission of vital signals via a communication network characterised by features of the telemetry system
    • A61B5/0022Monitoring a patient using a global network, e.g. telephone networks, internet
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/01Measuring temperature of body parts ; Diagnostic temperature sensing, e.g. for malignant or inflamed tissue
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/02Detecting, measuring or recording pulse, heart rate, blood pressure or blood flow; Combined pulse/heart-rate/blood pressure determination; Evaluating a cardiovascular condition not otherwise provided for, e.g. using combinations of techniques provided for in this group with electrocardiography or electroauscultation; Heart catheters for measuring blood pressure
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/05Detecting, measuring or recording for diagnosis by means of electric currents or magnetic fields; Measuring using microwaves or radio waves 
    • A61B5/053Measuring electrical impedance or conductance of a portion of the body
    • A61B5/0531Measuring skin impedance
    • A61B5/0533Measuring galvanic skin response
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/68Arrangements of detecting, measuring or recording means, e.g. sensors, in relation to patient
    • A61B5/6801Arrangements of detecting, measuring or recording means, e.g. sensors, in relation to patient specially adapted to be attached to or worn on the body surface
    • A61B5/6802Sensor mounted on worn items
    • A61B5/681Wristwatch-type devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H40/00ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
    • G16H40/60ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices
    • G16H40/67ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices for remote operation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/065Continuous authentication
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B2562/00Details of sensors; Constructional details of sensor housings or probes; Accessories for sensors
    • A61B2562/02Details of sensors specially adapted for in-vivo measurements
    • A61B2562/0219Inertial sensors, e.g. accelerometers, gyroscopes, tilt switches
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/103Detecting, measuring or recording devices for testing the shape, pattern, colour, size or movement of the body or parts thereof, for diagnostic purposes
    • A61B5/107Measuring physical dimensions, e.g. size of the entire body or parts thereof
    • A61B5/1071Measuring physical dimensions, e.g. size of the entire body or parts thereof measuring angles, e.g. using goniometers
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/103Detecting, measuring or recording devices for testing the shape, pattern, colour, size or movement of the body or parts thereof, for diagnostic purposes
    • A61B5/107Measuring physical dimensions, e.g. size of the entire body or parts thereof
    • A61B5/1072Measuring physical dimensions, e.g. size of the entire body or parts thereof measuring distances on the body, e.g. measuring length, height or thickness
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/72Signal processing specially adapted for physiological signals or for diagnostic purposes
    • A61B5/7235Details of waveform analysis
    • A61B5/7264Classification of physiological signals or data, e.g. using neural networks, statistical classifiers, expert systems or fuzzy systems
    • A61B5/7267Classification of physiological signals or data, e.g. using neural networks, statistical classifiers, expert systems or fuzzy systems involving training the classification device
    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/72Signal processing specially adapted for physiological signals or for diagnostic purposes
    • A61B5/7271Specific aspects of physiological measurement analysis
    • A61B5/7275Determining trends in physiological measurement data; Predicting development of a medical condition based on physiological measurements, e.g. determining a risk factor

Definitions

  • the present invention relates to the field of behavioural and/or biometric authentication, such as, for example, authentication based on acceleration sensor and/or gyroscope data from characteristic movements of an individual.
  • Authenticating a user or client may take a number of forms, depending on the circumstances.
  • a bank may request a client to present a passport before offering services, and subsequently the bank may rely on authentication methods derived from the initial authentication, where a passport was presented.
  • the bank may request the client to enter a one-time numeric code from one-time pad authentication response material provided to the client when she was present in the bank.
  • the online transaction may further be authenticated and secured by use of a secured communication protocol, such as HTTPS, for example.
  • HTTPS uses cryptographic certificates to authenticate at least the server side, and in variants, also the client side.
  • a handwritten signature is often used as an authentication method.
  • a signature transmitted over telefax is also considered legally valid.
  • Credit card transactions previously authenticated by handwritten signature, are now authenticated using a two-factor authentication method wherein the client presents a credit card with a cryptographic chip, and then enters a secret numerical code to cause the transaction to proceed.
  • Such a two-factor authentication is seen as more secure than a handwritten signature, in part since the reverse side of a credit card often has a genuine handwritten signature a thief can emulate.
  • Biometric authentication is used in machine-readable passports.
  • a passport may be furnished with a machine-readable image of the passport holder's face and/or fingerprints, which may be compared in a passport control point against a freshly obtained machine-readable image of a person's face and/or fingerprints, who presents the passport as her own.
  • Biometric information is more difficult, although not impossible, to copy in a bid to fraudulently compromise an authentication process.
  • a pin code of a credit card may be surreptitiously observed when the client uses the card, her fingerprints are more difficult to obtain, and replicating her iris pattern is more difficult still.
  • Behavioural biometric authentication may be even more difficult to replicate than certain forms of physical biometric authentication, such as fingerprints.
  • a behavioural gesture could be replaced by another one, whereas a physical biometric would become useless.
  • an apparatus comprising a memory configure to store feature data characterizing a signature gesture, at least one processing core configured to determine whether a set of sensor data corresponds to the feature data, the determination being based, at least partly, on a reliability threshold, and wherein the at least one processing core is configured to select the reliability threshold at least partly in dependence of at least one ancillary authentication mechanism, wherein the at least one processing core is configured to select the reliability threshold as less strict responsive to the at least one ancillary authentication mechanism being applicable.
  • Various embodiments of the first aspect may comprise at least one feature from the following bulleted list:
  • the at least one processing core is configured to modify the feature data using the set of sensor data responsive to a determination the set corresponds to the feature data in accordance with the less strict reliability threshold
  • the at least one ancillary authentication mechanism comprises that a continuous flow of data has been obtained since a reliable past event • the continuous flow of data is a continuous flow of biometric data concerning a user and the reliable past event comprises a pairing of a wrist-wearable device with a data sink device
  • the biometric data concerning the user comprises at least one of the following: a heart rate, a skin temperature and a galvanic skin response
  • the continuous flow of data comprises a flow of sensor data
  • the reliable past event comprises a pairing of a wrist-wearable device with a data sink device
  • the apparatus is configured to obtain positive training data and negative training data, and to derive the feature data characterizing the signature based at least partly on the positive training data and negative training data
  • the positive training data comprises acceleration sensor data characterizing a plurality of repetitions of the signature gesture and the negative training data comprises acceleration sensor data characterizing a plurality of gestures that do not comprise performing the signature gesture
  • the at least one processing core is configured to determine whether the set of sensor data corresponds to the feature data by using at least one of a linear regression classifier, a support vector machine and a neural network
  • the feature data comprises acceleration sensor data and angular velocity sensor data
  • acceleration sensor data comprises three axis acceleration sensor data and the angular velocity sensor data comprises three axis angular velocity sensor data
  • the at least one processing core is configured to, in connection with the deriving of the feature data characterizing the signature, obtain derived sensor data describing trends in the positive training data
  • a method comprising storing feature data characterizing a signature gesture, determining whether a set of sensor data corresponds to the feature data, the determination being based, at least partly, on a reliability threshold, and selecting the reliability threshold at least partly in dependence of at least one ancillary authentication mechanism, wherein a less strict reliability threshold is selected responsive to the at least one ancillary authentication mechanism being applicable.
  • Various embodiments of the second aspect may comprise at least one feature from the following bulleted list: • modifying the feature data using the set of sensor data responsive to a determination the set corresponds to the feature data in accordance with the less strict reliability threshold
  • the at least one ancillary authentication mechanism comprises that a continuous flow of data has been obtained since a reliable past event
  • the continuous flow of data is a continuous flow of biometric data concerning a user and the reliable past event comprises a pairing of a wrist-wearable device with a data sink device
  • the biometric data concerning the user comprises at least one of the following: a heart rate, a skin temperature and a galvanic skin response
  • the continuous flow of data comprises a flow of sensor data
  • the reliable past event comprises a pairing of a wrist-wearable device with a data sink device
  • the positive training data comprises acceleration sensor data characterizing a plurality of repetitions of the signature gesture and the negative training data comprises acceleration sensor data characterizing a plurality of gestures that do not comprise performing the signature gesture
  • the feature data comprises acceleration sensor data and angular velocity sensor data
  • acceleration sensor data comprises three axis acceleration sensor data and the angular velocity sensor data comprises three axis angular velocity sensor data
  • an apparatus comprising means for storing feature data characterizing a signature gesture, means for determining whether a set of sensor data corresponds to the feature data, the determination being based, at least partly, on a reliability threshold, and means for selecting the reliability threshold at least partly in dependence of at least one ancillary authentication mechanism, wherein a less strict reliability threshold is selected responsive to the at least one ancillary authentication mechanism being applicable.
  • a non- transitory computer readable medium having stored thereon a set of computer readable instructions that, when executed by at least one processor, cause an apparatus to at least store feature data characterizing a signature gesture, determine whether a set of sensor data corresponds to the feature data, the determination being based, at least partly, on a reliability threshold, and select the reliability threshold at least partly in dependence of at least one ancillary authentication mechanism, wherein a less strict reliability threshold is selected responsive to the at least one ancillary authentication mechanism being applicable.
  • a computer program configured to cause a method in accordance with the second aspect to be performed.
  • FIGURE 1 illustrates an example system in accordance with at least some embodiments of the present invention
  • FIGURE 2 illustrates an example system in accordance with at least some embodiments of the present invention
  • FIGURE 3 illustrates an example apparatus capable of supporting at least some embodiments of the present invention
  • FIGURE 4 illustrates signalling in accordance with at least some embodiments of the present invention.
  • FIGURE 5 is a flow graph of a method in accordance with at least some embodiments of the present invention.
  • a reliability threshold for a determination whether a gesture corresponds to a correct signature gesture confidence in gesture based authentication may be enhanced while simultaneously enabling use of the gesture based authentication for actual transactions.
  • the reliability threshold may be selected in dependence of ancillary authentication mechanisms, such that when at least one ancillary authentication mechanism is present, a reliability threshold for the gesture-based authentication is less strict than when no ancillary authentication mechanism is available. In other words, when authentication is based solely on gesture based authentication, a higher level of confidence the gesture is correct is required. The higher level of confidence may increase a rate of false negative results, necessitating the user to repeat the gesture.
  • a signature gesture may comprise a gesture corresponding to writing the user's signature, or it may be a more general signature gesture the user has chosen to use in a gesture based authentication process.
  • FIGURE 1 illustrates an example system in accordance with at least some embodiments of the present invention.
  • FIGURE 1 illustrates a system in accordance with at least some embodiments of the present invention.
  • the system comprises device 110, which may comprise, for example, a smart watch, digital watch, activity bracelet, smart ring or another kind of suitable device.
  • Device 110 may comprises at least one of an acceleration sensor and an angular velocity sensor.
  • Such an acceleration sensor may be configured to measure acceleration along three orthogonal axes.
  • Such an angular velocity sensor may be configured to measure angular velocity along three orthogonal angles, for example.
  • device 110 may be wrist-wearable or finger- wearable.
  • An angular velocity sensor may comprise a gyro sensor, for example.
  • Accelerometers may be based on piezoelectric, piezoresistive or capacitive technology, for example.
  • the sensor arrangement comprised in device 110 may obtain sensor data characterizing the gesture of signing.
  • the gesture may be performed on a surface, akin to signing on paper, or the gesture may be performed in the air.
  • the sensor data obtained, by sensors in device 110, during the gesture may be referred to as a set of sensor data.
  • the set may comprise acceleration sensor data and/or angular velocity sensor data.
  • the acceleration sensor data may comprise three separate sequences of sensor data values, each sequence corresponding to a distinct axis.
  • angular velocity sensor data may comprise three separate sequences, each sequence corresponding to a distinct base angle, the base angles being orthogonal to each other.
  • Device 110 may be communicatively coupled with a communications network.
  • device 110 is coupled, via wireless link 112, with base station 120.
  • Base station 120 may comprise a cellular or non-cellular base station, wherein a non-cellular base station may be referred to as an access point.
  • Examples of cellular technologies include wideband code division multiple access, WCDMA, and long term evolution, LTE, while examples of non-cellular technologies include wireless local area network, WLAN, and worldwide interoperability for microwave access, WiMAX.
  • Base station 120 may be coupled with network node 130 via connection 123. Connection 123 may be a wire-line connection, for example.
  • Network node 130 may comprise, for example, a controller or gateway device.
  • Network node 130 may interface, via connection 134, with network 140, which may comprise, for example, the Internet or a corporate network.
  • Network 140 may be coupled with further networks via connection 141.
  • device 110 is not configured to couple with base station 120.
  • Network 140 may comprise cloud-based servers, for example cloud servers that participate in transactions that are authenticated by gestures. Cloud servers may be arranged to back-up data, such as reference feature data, used in gesture-based authentication.
  • Device 110 may be configured to receive, from satellite constellation 150, satellite positioning information via satellite link 151.
  • the satellite constellation may comprise, for example the global positioning system, GPS, or Galileo constellation. Satellite constellation 150 may comprise more than one satellite, although only one satellite is illustrated in FIGURE 1 for the same of clarity. Likewise, receiving the positioning information over satellite link 151 may comprise receiving data from more than one satellite. In some embodiments, a timing signal is received from satellite constellation 150 alternatively or additionally to positioning information.
  • device 110 may obtain positioning and/or timing information by interacting with a network in which base station 120 is comprised.
  • cellular networks may employ various ways to position a device, such as trilateration, multilateration or positioning based on an identity of a base station with which attachment is possible.
  • a non-cellular base station, or access point may know its own location and provide it to device 110, enabling device 110 to position itself within communication range of this access point.
  • Device 110 may be configured to obtain a current time from satellite constellation 150, base station 120 or by requesting it from a user, for example. Once device 110 has the current time and an estimate of its location, device 110 may consult a look-up table, for example, to determine how much time is remaining to sunset, and/or sunrise. Device 110 may comprise further sensors, enabled to determine, for example from skin temperature, skin galvanic response or from heart rate, whether device 110 has been worn in an uninterrupted fashion.
  • FIGURE 2 illustrates a system in accordance with at least some embodiments of the present invention. Like numbering denotes like structure as in FIGURE 1. FIGURE 2 embodiments comprise an auxiliary device 1 lOx.
  • Device 110 may be communicatively coupled, for example communicatively paired, with an auxiliary device 11 Ox.
  • the communicative coupling, or pairing, is illustrated in FIGURE 2 as interface 111, which may be wireless, as illustrated, or wireline, depending on the embodiment.
  • Interface 111 may comprise a Bluetooth interface, for example.
  • Auxiliary device 11 Ox may comprise a smartphone, tablet computer or other computing device, for example.
  • Auxiliary device 11 Ox may comprise a device that the owner of device 110 uses to consume media, communicate or interact with applications.
  • Auxiliary device 11 Ox may be furnished with a larger display screen than device 110, which may make auxiliary device 11 Ox preferable to the user when a complex interaction with an application is needed, as a larger screen enables a more detailed rendering of interaction options.
  • Auxiliary device 1 lOx may store feature data usable in determining if a gesture-based authentication is to be accepted or refused, for example. In some embodiments, such as those illustrated in FIGURE 1, auxiliary device 11 Ox is absent.
  • device 110 may be configured to use connectivity capability of auxiliary device 11 Ox.
  • device 110 may access a network via auxiliary device 1 lOx.
  • device 110 need not be furnished with connectivity toward base station 120, for example, since device 110 may access network resources via interface 11 1 and a connection auxiliary device 11 Ox has with base station 120.
  • Such a connection is illustrated in FIGURE 2 as connection 112x.
  • device 110 may comprise a smart watch and auxiliary device 11 Ox may comprise a smartphone, which may have connectivity to cellular and/or non-cellular data networks.
  • device 110 may receive satellite positioning information, or positioning information derived therefrom, via auxiliary device 1 lOx where device 110 lacks a satellite positioning receiver of its own.
  • a satellite connection of auxiliary device 15 lx is illustrated in FIGURE 2 as connection 151X.
  • device 110 may have some connectivity and be configured to use both that and connectivity provided by auxiliary device 11 Ox.
  • device 110 may comprise a satellite receiver enabling device 110 to obtain satellite positioning information directly from satellite constellation 150.
  • Device 110 may then obtain network connectivity to base station 120 via auxiliary device 1 lOx.
  • feature data characterising an authentic signature gesture may first be established.
  • the feature data may comprise a set of reference sequences of sensor data values, corresponding to sensor data that device 110 is capable of generating during a gesture, so that freshly generated sensor data can be compared to the feature data to determine, whether the gesture corresponds to an authentic signature gesture.
  • the feature data may comprise, alternatively or additionally to reference sequences of sensor data, features derived from reference sequences of sensor data, which features characterize the reference sequence data.
  • Such data may be referred to as derived sensor data.
  • first and/or second order derivatives may be obtained from the reference sequences, turning points may be identified when angular velocities or accelerations turn from positive to negative or vice versa, and/or timing characteristics of the reference sequences of sensor data may be obtained.
  • the feature data therefore comprises data that enables a determination as to what extent a freshly obtained set of sensor data corresponds to reference sensor data of genuine signature gestures.
  • the feature data may comprise sensor data in unprocessed form, in processed form or a combination of the two.
  • a user may initially be prompted to perform a number of repetitions of the correct, authentic signature gesture. For example, three, five, seven or ten repetitions may be recorded by sensors of device 110. Sensor data obtained during these repetitions may be referred to as positive training data, as the genuine signature gesture is comprised therein. Additionally the user may be prompted to gesture in a way that does not comprise the signature gesture, again, repeatedly. Sensor data obtained during these gestures may be referred to as negative training data, as the genuine signature gesture is absent therein.
  • the feature data may be determined based on the positive training data, and, optionally, the negative training data as well. Where the negative training data is not used in establishing the feature data, it of course need not be collected either.
  • the negative training data may be useful in establishing the feature data, since the user may have characteristic motion features that are present in both the genuine signature gesture and other gestures the user makes. For example, arm length, muscle tone and rhythm may be typical of the user in general, and affect characteristics of his gestures. In general, where it can be established a gesture is not even made by the correct user, it is trivial to conclude it cannot be the authentic signature gesture.
  • the negative training data like the positive training data, may comprise or be derived from acceleration and/or angular velocity sensor data obtained by device 110.
  • One example of negative training data is a case where the user seeks to protect the authentication from specific people around him. For example, a parent may ask his child to perform a signature gesture, providing instructions on how it should be performed.
  • Sensor data characterizing this gesture can be employed, in some embodiments, to help guard the authentication against unauthorized access.
  • matching of a freshly generated set of sensor data against the feature data may be performed, for example in device 110 or in auxiliary device 1 lOx.
  • the matching may be performed in a cloud server that is in possession of, or has access to, the feature data.
  • the set of sensor data may be provided to the server in a request, and the server may be arranged to provide a result of the matching as a response.
  • the request may comprise an identifier of a node, where the result should be transmitted to.
  • the request may be encrypted.
  • the matching comprises determining, whether the set of sensor data corresponds to the feature data, that is, whether the gesture now performed is the correct signature gesture.
  • the matching may be based on at least one of a linear regression classifier, a support vector machine, SVM, and a neural network, for example.
  • a result of the matching may comprise a determined probability the fresh set of sensor data is from a genuine signature gesture. Where the set of sensor data very closely matches the feature data, the probability may be high, and where there are differences between the set of sensor data and the feature data, the probability may be lower. The larger the differences are, the lower is the probability.
  • a decision whether to accept the fresh gesture as authentic may depend on a reliability threshold. For example, it may be required that the determined probability the set of sensor data is from a genuine signature has to be at least 0,9 or 0,95 for the gesture to be accepted as authentic. Therefore, to perform a gesture-based authentication, a user may perform the signature gesture, during which time device 110 captures a set of sensor data, which set of sensor data is then compared against the feature data, established prior, to derive a probability the two are consistent. The derived probability is then compared to the reliability threshold to decide, whether to accept the gesture authentication or to reject it.
  • the reliability threshold to be used in the authentication process may be selected in dependence of at least one ancillary authentication method.
  • a less strict reliability threshold can be employed in the gesture recognition, as the compound authentication consisting of the gesture and the at least one ancillary authentication method nonetheless will satisfy also a stricter reliability threshold.
  • the gesture-based authentication method is used together with the ancillary authentication method.
  • an ancillary authentication method may be present where a user has paired device 110 with an ancillary device 1 lOx, and the pairing has not been broken. This may be the case, for example, where the user has caused device 110 to interact with ancillary device 11 Ox in the morning, and then he has worn device 110, and kept ancillary device 1 lOx with him, such that the pairing has remained unbroken.
  • the pairing may rely on the Bluetooth protocol, for example.
  • Auxiliary device 11 Ox may act as a data sink device in the sense that device 110 transmits sensor data it obtains from sensors to auxiliary device 11 Ox.
  • the pairing may require entry of a pin code, or it may rely on a previously established trust relationship between device 110 and auxiliary device 1 lOx.
  • Another example is a case, where the use has interacted with device 110, for example in a way that has required entry of a pin code, and/or a pairing, and device 110 has been worn continuously since then.
  • device 110 has been able to measure a continuous biometric data stream, it may be determined device 110 has been worn continuously and consequently by the legitimate user. Therefore, an ancillary authentication method is in place, since a degree of confidence can thereby be established the user is the legitimate user.
  • Heart rate, galvanic skin response and skin temperature are examples of bio metric information usable in determining device 110 has been continuously worn. In general, a continuous flow of data may be obtained since a reliable past event.
  • biometric data is used as an ancillary authentication method in a sense, that presence of biometric data matching the user is used as a trigger to make the reliability threshold less strict.
  • biometric data not matching the user may in these embodiments make the reliability threshold more strict.
  • the user may have a characteristic heart rate when at rest. In case a heart rate consistent with the characteristic heart rate is present, the less strict reliability threshold may be used, but where a heart rate inconsistent with the characteristic heart rate is present, the more strict reliability threshold may be used. For example, where the characteristic heart rate is 70 beats per minute, a reading of 95 beats per minute could be considered inconsistent with the characteristic heart rate.
  • a combination of at least two biometric datapoints could provide a more characterizing effect than a single biometric datapoint.
  • One example of an ancillary authentication method is a method wherein it is verified, whether device 110 has been continually worn and a pairing of device 110 to auxiliary device 11 Ox has been continually present since a reliable past event, such as a password or pin entry or a pairing.
  • the verification device 110 has been continually worn may be based on biometric sensor data, as described above.
  • the reliability threshold may be once more made more strict in case the ancillary authentication method is no longer usable.
  • the ancillary authentication method may be considered no longer present, as it is possible the user has taken device 110 off, for example in case he is robbed and device 110 is stolen.
  • the threshold should return to the stricter level as the additional confidence provided by the ancillary authentication method is no longer present.
  • the gesture When a gesture is accepted in the presence of an ancillary authentication method, the gesture may be considered as a further element of positive training data, and used to refine the feature data, to render the gesture-based authentication method more reliable and usable.
  • the rate of false negatives and false positives decreases.
  • a false negative may comprise a gesture that is a genuine signature gesture, but which nonetheless is rejected in the gesture authentication process.
  • a false positive is here a gesture that is accepted despite it not being a genuine signature gesture.
  • FIGURE 3 illustrates an example apparatus capable of supporting at least some embodiments of the present invention.
  • device 300 which may comprise, for example, a device such as device 110 or auxiliary device 1 lOx of FIGURE 1 or FIGURE 2.
  • processor 310 which may comprise, for example, a single- or multi-core processor wherein a single-core processor comprises one processing core and a multi-core processor comprises more than one processing core.
  • Processor 310 may comprise more than one processor.
  • a processing core may comprise, for example, a Cortex-A8 processing core manufactured by ARM Holdings or a Steamroller processing core produced by Advanced Micro Devices Corporation.
  • Processor 310 may comprise at least one Qualcomm Snapdragon and/or Intel Atom processor.
  • Processor 310 may comprise at least one application-specific integrated circuit, ASIC. Processor 310 may comprise at least one field-programmable gate array, FPGA. Processor 310 may be means for performing method steps in device 300. Processor 310 may be configured, at least in part by computer instructions, to perform actions.
  • Device 300 may comprise memory 320. Memory 320 may comprise random- access memory and/or permanent memory. Memory 320 may comprise at least one RAM chip. Memory 320 may comprise solid-state, magnetic, optical and/or holographic memory, for example. Memory 320 may be at least in part accessible to processor 310. Memory 320 may be at least in part comprised in processor 310. Memory 320 may be means for storing information. Memory 320 may comprise computer instructions that processor 310 is configured to execute.
  • Device 300 may comprise a transmitter 330.
  • Device 300 may comprise a receiver 340.
  • Transmitter 330 and receiver 340 may be configured to transmit and receive, respectively, information in accordance with at least one cellular or non-cellular standard.
  • Transmitter 330 may comprise more than one transmitter.
  • Receiver 340 may comprise more than one receiver.
  • Transmitter 330 and/or receiver 340 may be configured to operate in accordance with global system for mobile communication, GSM, wideband code division multiple access, WCDMA, long term evolution, LTE, IS-95, wireless local area network, WLAN, Ethernet and/or worldwide interoperability for microwave access, WiMAX, standards, for example.
  • GSM global system for mobile communication
  • WCDMA wideband code division multiple access
  • LTE long term evolution
  • LTE long term evolution
  • IS-95 wireless local area network
  • WLAN Ethernet
  • WiMAX worldwide interoperability for microwave access
  • Device 300 may comprise a near-field communication, NFC, transceiver 350.
  • NFC transceiver 350 may support at least one NFC technology, such as NFC, Bluetooth, Wibree or similar technologies.
  • Device 300 may comprise user interface, UI, 360.
  • UI 360 may comprise at least one of a display, a keyboard, a touchscreen, a vibrator arranged to signal to a user by causing device 300 to vibrate, a speaker and a microphone.
  • a user may be able to operate device 300 via UI 360, for example to cause pairings to occur, to enter pin codes and/or to participate in gesture based authentication.
  • Device 300 may comprise or be arranged to accept a user identity module
  • User identity module 370 may comprise, for example, a subscriber identity module, SIM, card installable in device 300.
  • a user identity module 370 may comprise information identifying a subscription of a user of device 300.
  • a user identity module 370 may comprise cryptographic information usable to verify the identity of a user of device 300 and/or to facilitate encryption of communicated information and billing of the user of device 300 for communication effected via device 300.
  • Processor 310 may be furnished with a transmitter arranged to output information from processor 310, via electrical leads internal to device 300, to other devices comprised in device 300.
  • a transmitter may comprise a serial bus transmitter arranged to, for example, output information via at least one electrical lead to memory 320 for storage therein.
  • the transmitter may comprise a parallel bus transmitter.
  • processor 310 may comprise a receiver arranged to receive information in processor 310, via electrical leads internal to device 300, from other devices comprised in device 300.
  • Such a receiver may comprise a serial bus receiver arranged to, for example, receive information via at least one electrical lead from receiver 340 for processing in processor 310.
  • the receiver may comprise a parallel bus receiver.
  • Device 300 may comprise further devices not illustrated in FIGURE 3.
  • device 300 may comprise at least one digital camera.
  • Some devices 300 may comprise a back-facing camera and a front-facing camera, wherein the back-facing camera may be intended for digital photography and the front- facing camera for video telephony.
  • Device 300 may comprise a fingerprint sensor arranged to authenticate, at least in part, a user of device 300.
  • device 300 lacks at least one device described above.
  • some devices 300 may lack a NFC transceiver 350 and/or user identity module 370.
  • Processor 310 memory 320, transmitter 330, receiver 340, NFC transceiver
  • FIGURE 4 illustrates signalling in accordance with at least some embodiments of the present invention. On the vertical axes are disposed, from the left, devices 110 and 11 Ox of FIGURE 2, and finally on the right, correspondent node 400. Time advances from the top toward the bottom.
  • phase 410 device 110 is worn by the user, and in phase 420 a pairing is established between device 110 and auxiliary device 11 Ox.
  • Heartbeat packets and/or biometric data may be transmitted over the pairing, for example.
  • phase 430 auxiliary device 11 Ox modifies the reliability threshold to a less strict level, since the pairing has occurred and has not been interrupted.
  • phase 440 the user interacts with correspondent node 400, which may comprise, for example, a media store.
  • the user may request to download the contents of a current newspaper edition to auxiliary device 11 Ox, for example.
  • correspondent node 400 requests payment from auxiliary device 1 lOx.
  • auxiliary device 11 Ox being in possession of payment credentials, requests the user to accept the transaction by providing the gesture authentication, to thereby accept the charge.
  • the user performs the signature gesture, which is recorded by sensors of device 110, to thereby obtain a set of sensor data.
  • the set of sensor data is provided to auxiliary device 11 Ox in phase 460.
  • auxiliary device 11 Ox determines, whether the set of sensor data corresponds to the feature data, established earlier.
  • auxiliary device 11 Ox may determine whether the pairing of phase 420 remains in place uninterrupted, and responsive to this being the case, a less strict reliability threshold may be applied in performing the determination as to whether the set of sensor data corresponds to the feature data.
  • the more strict reliability threshold may be used in the determination of phase 470.
  • the feature data may be enhanced with the set of sensor data, wherein the set of sensor data is used as positive training data.
  • the authentication succeeds, and responsively auxiliary device 1 lOx obtains the requested content from correspondent node 400.
  • the determination, whether the set of sensor data corresponds to the feature data may be performed in device 110, rather than in auxiliary device 1 lOx, as illustrated in FIGURE 4.
  • FIGURE 5 is a flow graph of a method in accordance with at least some embodiments of the present invention.
  • the phases of the illustrated method may be performed in device 110, an auxiliary device 11 Ox or a personal computer, for example, or in a control device configured to control the functioning thereof, when implanted therein.
  • Phase 510 comprises storing feature data characterizing a signature gesture.
  • the stored feature data may comprise at least a part of the overall feature data.
  • Phase 520 comprises determining whether a set of sensor data corresponds to the feature data, the determination being based, at least partly, on a reliability threshold.
  • phase 530 comprises selecting the reliability threshold at least partly in dependence of at least one ancillary authentication mechanism, wherein a less strict reliability threshold is selected responsive to the at least one ancillary authentication mechanism being applicable.
  • Phase 530 may precede phase 520, such that the selected reliability threshold is used in the determination of phase 520.
  • the storing of phase 510 may comprise storing the feature data in encrypted form, for example. Alternatively or additionally, the storing of phase 510 may comprise storing an encrypted form of a classifier function.
  • At least some embodiments of the present invention find industrial application in gesture based authentication, in enhancing information security.

Abstract

Selon un aspect à titre d'exemple de la présente invention, un appareil est décrit, comprenant une mémoire configurée pour stocker des données caractéristiques caractérisant un geste de signature, au moins un cœur de traitement configuré pour déterminer si un ensemble de données de capteur correspond aux données caractéristiques, la détermination étant fondée, au moins en partie, sur un seuil de fiabilité, et le ou les cœurs de traitement étant configurés pour sélectionner le seuil de fiabilité au moins en partie en fonction d'au moins un mécanisme d'authentification auxiliaire, le ou les cœurs de traitement étant configurés pour sélectionner le seuil de fiabilité comme étant d'une sensibilité moins stricte au(x) mécanisme(s) d'authentification auxiliaire(s) applicable(s).
PCT/FI2016/050124 2016-02-26 2016-02-26 Authentification biométrique comportementale WO2017144768A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/FI2016/050124 WO2017144768A1 (fr) 2016-02-26 2016-02-26 Authentification biométrique comportementale

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/FI2016/050124 WO2017144768A1 (fr) 2016-02-26 2016-02-26 Authentification biométrique comportementale

Publications (1)

Publication Number Publication Date
WO2017144768A1 true WO2017144768A1 (fr) 2017-08-31

Family

ID=59684796

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2016/050124 WO2017144768A1 (fr) 2016-02-26 2016-02-26 Authentification biométrique comportementale

Country Status (1)

Country Link
WO (1) WO2017144768A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110968857A (zh) * 2019-12-03 2020-04-07 南京航空航天大学 基于抬臂动作的智能手表身份认证方法
WO2021170466A1 (fr) * 2020-02-27 2021-09-02 British Telecommunications Public Limited Company Procédé, système de traitement de données et programme informatique pour sécuriser une fonctionnalité d'un dispositif utilisateur connecté à un réseau local
US11899765B2 (en) 2019-12-23 2024-02-13 Dts Inc. Dual-factor identification system and method with adaptive enrollment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012018326A1 (fr) * 2010-08-04 2012-02-09 Research In Motion Limited Procédé et appareil adaptés pour réaliser une authentification en continu sur la base de données personnelles dynamiques
US20130055348A1 (en) * 2011-08-31 2013-02-28 Microsoft Corporation Progressive authentication
US8922342B1 (en) * 2010-02-15 2014-12-30 Noblis, Inc. Systems, apparatus, and methods for continuous authentication
US20150074797A1 (en) * 2013-09-09 2015-03-12 Samsung Electronics Co., Ltd. Wearable device performing user authentication using bio-signals and authentication method of the same
WO2015127256A1 (fr) * 2014-02-23 2015-08-27 Qualcomm Incorporated Authentification continue au moyen d'un dispositif mobile
US20150278498A1 (en) * 2014-03-28 2015-10-01 Lg Electronics Inc. Mobile terminal and method for controlling the same
US20160018872A1 (en) * 2014-07-18 2016-01-21 Apple Inc. Raise gesture detection in a device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8922342B1 (en) * 2010-02-15 2014-12-30 Noblis, Inc. Systems, apparatus, and methods for continuous authentication
WO2012018326A1 (fr) * 2010-08-04 2012-02-09 Research In Motion Limited Procédé et appareil adaptés pour réaliser une authentification en continu sur la base de données personnelles dynamiques
US20130055348A1 (en) * 2011-08-31 2013-02-28 Microsoft Corporation Progressive authentication
US20150074797A1 (en) * 2013-09-09 2015-03-12 Samsung Electronics Co., Ltd. Wearable device performing user authentication using bio-signals and authentication method of the same
WO2015127256A1 (fr) * 2014-02-23 2015-08-27 Qualcomm Incorporated Authentification continue au moyen d'un dispositif mobile
US20150278498A1 (en) * 2014-03-28 2015-10-01 Lg Electronics Inc. Mobile terminal and method for controlling the same
US20160018872A1 (en) * 2014-07-18 2016-01-21 Apple Inc. Raise gesture detection in a device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MARE, S ET AL.: "ZEBRA: Zero-Effort Bilateral Recurring Authentication", IEEE SYMPOSIUM ON SECURITY AND PRIVACY, May 2014 (2014-05-01), XP032686139, Retrieved from the Internet <URL:http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6956596&tag=1> [retrieved on 20060608] *
YANG, J ET AL.: "MotionAuth: Motion-based Authentication for Wrist Worn Smart Devices", IEEE INTERNATIONAL CONFERENCE ON PERVASIVE COMPUTING AND COMMUNICATION WORKSHOPS (PERCOM WORKSHOPS, March 2015 (2015-03-01), XP032790117, Retrieved from the Internet <URL:http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=7134097&tag=1> [retrieved on 20160608] *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110968857A (zh) * 2019-12-03 2020-04-07 南京航空航天大学 基于抬臂动作的智能手表身份认证方法
CN110968857B (zh) * 2019-12-03 2022-04-08 南京航空航天大学 基于抬臂动作的智能手表身份认证方法
US11899765B2 (en) 2019-12-23 2024-02-13 Dts Inc. Dual-factor identification system and method with adaptive enrollment
WO2021170466A1 (fr) * 2020-02-27 2021-09-02 British Telecommunications Public Limited Company Procédé, système de traitement de données et programme informatique pour sécuriser une fonctionnalité d'un dispositif utilisateur connecté à un réseau local

Similar Documents

Publication Publication Date Title
US11831409B2 (en) System and method for binding verifiable claims
US11868995B2 (en) Extending a secure key storage for transaction confirmation and cryptocurrency
US10091195B2 (en) System and method for bootstrapping a user binding
US10769635B2 (en) Authentication techniques including speech and/or lip movement analysis
US11132694B2 (en) Authentication of mobile device for secure transaction
EP3916593B1 (fr) Système et procédé pour inscrire, enregistrer et authentifier efficacement avec plusieurs dispositifs d&#39;authentification
JP6433978B2 (ja) 高度な認証技術及びその応用
CN107294900B (zh) 基于生物特征的身份注册方法和装置
US20180191501A1 (en) System and method for sharing keys across authenticators
US9083689B2 (en) System and method for implementing privacy classes within an authentication framework
WO2016054263A1 (fr) Appariement d&#39;un dispositif biométrique
WO2016167895A1 (fr) Réalisation d&#39;authentifications d&#39;utilisateurs sans interruption
US11792024B2 (en) System and method for efficient challenge-response authentication
US9465974B2 (en) Electronic device providing downloading of enrollment finger biometric data via short-range wireless communication
US20230091318A1 (en) System and method for pre-registration of fido authenticators
WO2018027148A1 (fr) Techniques d&#39;authentification incluant une analyse de paroles et/ou de mouvement des lèvres
US20150016697A1 (en) Finger biometric sensor data synchronization via a cloud computing device and related methods
WO2017144768A1 (fr) Authentification biométrique comportementale
US9465818B2 (en) Finger biometric sensor data synchronization via a cloud computing device and related methods
Papaioannou et al. User authentication and authorization for next generation mobile passenger ID devices for land and sea border control
KR101910757B1 (ko) 로컬 인증
WO2018217157A1 (fr) Procédé et dispositif électronique pour authentifier un utilisateur
Vongsingthong et al. A survey on smartphone authentication
WO2018009692A1 (fr) Procédés et systèmes pour augmenter la sécurité de l&#39;authentification biométrique d&#39;un utilisateur
EP3811254A1 (fr) Procédé et dispositif électronique pour l&#39;authentification d&#39;un utilisateur

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16891331

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 16891331

Country of ref document: EP

Kind code of ref document: A1