Towards Nonintrusive and Secure Mobile Two-Factor Authentication on Wearables

Yetong Cao, Fan Li*, Qian Zhang, Song Yang, Yu Wang

*此作品的通讯作者

科研成果: 期刊稿件文章同行评审

4 引用 (Scopus)

摘要

Mobile devices are promising to apply two-factor authentication to improve system security. Existing solutions have certain limits of requiring extra user effort, which might seriously affect user experience and delay authentication time. In this paper, we propose PPGPass, a novel mobile two-factor authentication system, which leverages Photoplethysmography (PPG) sensors available in most wrist-worn wearables. PPGPass simultaneously performs a password/pattern/signature authentication and a physiological-based authentication. To realize both nonintrusive and secure, we design a two-stage algorithm to separate clean heartbeat signals from PPG signals contaminated by motion artifacts so that users do not have to deliberately keep their bodies still. In addition, to deal with noncancelable issues when biometrics are compromised, we design a repeatable and non-invertible method to generate cancelable feature templates as alternative credentials. We leverage the great power of Random Forest and Support Vector Data Description to detect adversaries and verify a user's identity. To the best of our knowledge, PPGPass is the first nonintrusive and secure mobile two-factor authentication based on PPG sensors. Extensive experiments demonstrate that PPGPass can achieve the false acceptance rate of 3.11% and the false recognition rate of 3.71%, which confirms its high effectiveness, security, and usability.

源语言英语
页(从-至)3046-3061
页数16
期刊IEEE Transactions on Mobile Computing
22
5
DOI
出版状态已出版 - 1 5月 2023

指纹

探究 'Towards Nonintrusive and Secure Mobile Two-Factor Authentication on Wearables' 的科研主题。它们共同构成独一无二的指纹。

引用此