Daily Bulletin

  • Written by Sara Khalifa, Research Scientist, Networks Group, Data61

When we walk or move, we create kinetic energy in a way that is unique to each of us. Our latest research shows that it’s so unique, it can be used to authenticate who we are.

Not only that, but this kinetic energy can also be used to power our personal devices.

Power and security from the energy we create by walking is ideally suited to wearable technologies.

Wearables and mobile devices have become an integral part of our daily life. We collect and store huge amounts of personal information on those devices – accounts are synced, movements and locations recorded, and much, much more.

Many of us are tracking our health using devices such as FitBits, Apple Watches, heart rate monitors and the like. According to market research group IDTechEX the market for personable wearable technologies is expected to reach US$150 billion (A$200 billion) by 2026.

image Checking a Fitbit : a lot of personal data can be stored and synced. Flickr/BTNHD Production, CC BY-NC-ND

Data security

But researchers have found that some of these devices are vulnerable to attacks. It’s also possible for one person to connect to another’s wearable tracker without that person’s knowledge.

A potential attacker could then connect their device to that of another user and claim that user’s data as their own. For example, an attacker may be able to claim potential health insurance discounts and other benefits that are offered to people who allow insurance companies access to wearable tech data.

More worryingly, as mobile tech is being used more in healthcare monitoring of people, there’s a concern that such systems could be vulnerable to impersonation attacks.

Wearable and mobile devices often require some form of user authentication to address such impersonation attacks and protect the large amounts of personal data they collect.

The password problem

Most authentication relies on pin codes and passwords to keep devices secure. But recent research shows most of us have just two passwords – with a few tweaks here and there – used across 12 separate accounts.

We’re constantly being asked to choose difficult passwords, and not to write them down. Yet according to Verizon’s 2016 Data Breach Investigations Report, 63% of confirmed data breaches resulted from leveraging weak, default or stolen passwords.

For decades we’ve been trying to develop a better alternative that is neither easily compromised nor requires submitting information that only a user would know.

We’re walking

One of the most promising solutions for user authentication is through recognition of our gait, or walking style, using wearable sensors such as accelerometers that measure human movements.

image The way we walk is unique, even if you have a silly walk. Flickr/Edmond Wells, CC BY-ND

Because everyone has a different gait, which affects the movement of body segments differently, it can be used as a digital fingerprint to identify and authenticate a user.

The main advantages of using gait as authentication are availability and spontaneity, because walking is a daily activity.

Unlike other authentication methods, gait is non-intrusive. Our gait can be measured and tested without us even knowing. We are not required to enter information regularly to verify that it’s us. Our gait can be used continuously for authentication.

But there’s a catch – sampling our movements saps power from our devices.

We are a power source

Accelerometer sampling of our movements requires power, typically in the order of a few milliwatts. This makes it challenging to adopt gait-based user authentication in wearables where power availability is limited.

Simply adding a bigger battery to a wearable device or charging more regularly are not practical solutions.

To combat this issue, there is a strong interest in kinetic energy harvesting (KEH). This translates our motion into electrical energy that can be used as a trickle charge, improving battery life on wearable devices.

Some wearable KEH products are already appearing in the market. AMPY released the world’s first wearable motion-charger which can transform a user’s kinetic energy into battery power. Similarly, SolePower produces smart boots that use a user’s steps to power embedded lights, sensors and GPS.

With these rapid developments, KEH is likely to be built in to future wearable and mobile devices to augment or substitute batteries.

Unique kinetic energy harvesting

By examining the output voltages of KEH, we found that each of us also has unique energy patterns when performing different activities.

KEH therefore represents not only a power source but also another form of authentication.

The major advantage of KEH-based gait recognition is the potential for significant power savings as it doesn’t need to use the accelerometers at all.

As with any authentication technique there are security risks. For example, a signature can be forged, a pin number can be hacked and a password can be autosaved.

So how secure is KEH-Gait authentication?

Security test

To evaluate this we built two different KEH prototypes and experimentally validated the performance over 20 subjects with 200 gait cycles from each subject. Each subject participated in two independent data collection sessions.

Our data was collected in several environments (indoor and outdoor) including plain, grass and asphalt terrains, representing the natural gait changes over time and terrains.

Our results show that KEH-Gait can achieve an authentication accuracy of 95% and reduce energy consumption by 78.15%, compared to conventional accelerometer-based authentication techniques.

We also tested the robustness of the KEH-Gait system against an attacker trying to imitate someone’s motions. Out of 100 imposter trials, we found that 13 were wrongfully accepted.

Some false positives can occur when the gait patterns of the imposter and the user are close. But the behavioural characteristic of human gait provides our scheme security against such attacks. Since KEH-Gait keeps authenticating the user continuously, it becomes more difficult to reproduce the gait. Imitating how a person walk over time is extremely difficult if not impossible.

So by capturing movements that are unique to a user, KEH-Gait presents a secure, continuous and implicit authentication tool – a promising development given the booming wearable device market.

Authors: Sara Khalifa, Research Scientist, Networks Group, Data61

Read more http://theconversation.com/the-way-we-walk-can-be-used-to-power-and-secure-our-devices-76152

Business News

A Guide to Finance Automation Software

When running a business, it is critical to streamline certain processes to maintain efficiency. Too much to spent manually on tasks can wind up being detrimental to the overall health of the organis...

Daily Bulletin - avatar Daily Bulletin

Top Tips for Cost-effective Storefront Signage

The retail industry is highly competitive and if you are in the process of setting up a retail store, you have come to the right place, as we offer a few tips to help you create a stunning storefront...

Daily Bulletin - avatar Daily Bulletin

How Freight Forwarding Simplifies Global Trade Operations

Global trade operations are becoming increasingly complex due to international regulations, customs procedures, and the sheer scale of global logistics. For businesses looking to expand internation...

Daily Bulletin - avatar Daily Bulletin