Biometric Touch Sensing: Seamlessly Augmenting Each Touch With Continuous Authentication

Christian Holz and Marius Knaust. UIST 2015.
Yahoo Labs, Sunnyvale, CA.

Video

Figure 1

Biometric Touch Sensing: Overview figure

We enable commodity touchscreens to biometrically identify and authenticate users on every touch through the touchscreen itself. We seamlessly integrate continuous authentication into touch interaction, which fully replaces password dialogs. (a) Here, a tablet displays the home screen right away. (b) When touching the Mail icon, the tablet identifies the user and blocks unauthorized access. (c) When a registered user touches Mail, the device authenticates them and (d) opens their Mail. (e) Our watch prototype Bioamp senses biometric properties and modulates a high-frequency signal onto the user’s skin, from which the touchscreen obtains the biometric features, identifies the user based on biometrics, and continuously authenticates them for each interaction. Bioamp thus implements a form of biometric cross-device authentication, using the capabilities of a wearable device to enrich the sensing on another.

Abstract

Current touch devices separate user authentication from regular interaction, for example by displaying modal login screens before device usage or prompting for in-app passwords, which interrupts the interaction flow. We propose biometric touch sensing, a new approach to representing touch events that enables commodity devices to seamlessly integrate authentication into interaction: From each touch, the touchscreen senses the 2D input coordinates and at the same time obtains biometric features that identify the user. Our approach makes authentication during interaction transparent to the user, yet ensures secure interaction at all times. To implement this on today’s devices, our watch prototype Bioamp senses the impedance profile of the user’s wrist and modulates a signal onto the user’s body through skin using a periodic electric signal. This signal affects the capacitive values touchscreens measure upon touch, allowing devices to identify users on each touch. We integrate our approach into Windows 8 and discuss and demonstrate it in the context of various use cases, including access permissions and protecting private screen contents on personal and shared devices.

Publication

Christian Holz and Marius Knaust. 2015. Biometric Touch Sensing: Seamlessly Augmenting Each Touch with Continuous Authentication. In Proceedings of the 28th annual ACM symposium on User interface software and technology (ACM UIST '15). Charlotte, NC (November 8-11, 2015). ACM, New York, NY, USA, 303–312.

High-resolution photos

Overview: per-touch seamless authentication
Bioamp: A biometric sensor
App store purchasing and payment through touch
Authenticating for email access through mere touch
Protecting access to notifications
Temporary access sharing for photos
Protecting browsing sessions
Logins, sessions, and four eyes principle
Simulating high-speed touchscreen sampling rates

Other figures

Biometric Touch Sensing: No password prompts

(a) Traditional login dialogs or in-app password prompts interrupt interaction for authentication. Using biometric touch sensing, (b) touchscreens authenticate users upon each touch and verify permissions before starting an operation, here denying an in-app purchase action for this user.

Biometric Touch Sensing: Bioamp

Our watch-like prototype Bioamp comprises biometric sensors to capture user-unique features (biometrics) and electric parts to transmit signals to the touchscreen through the body. Bioamp implements a form of cross-device authentication, forwarding the biometrics recorded on one device to another for authentication.

Biometric Touch Sensing: Data transfer through the body

Data transfer. (a) Bioamp has a power source and ground reference and so does the touch device (b). Both connect through the body, but do not share a common ground.

Biometric Touch Sensing: Raw data

The debug interface of Atmel's touch chip provides a signed 8-bit capacitive image, (a) here on a Surface 2 Pro with a single touch. (b) When Bioamp modulates a signal onto the body, a characteristic pattern appears along the sense line. (Note how some values drop below zero during modulation.)

Biometric Touch Sensing: Windows OS integration

Our software layer on the touch device intercepts all touch events, authenticates the user for the event, and reinjects the touch upon success or displays an error otherwise.

Biometric Touch Sensing: Browsing sessions

(a) When browsing apps maintain a user’s session, access needs authentication, so other users resume their sessions and (b) unauthenticated users obtain (c) a fresh session.

Biometric Touch Sensing: One-touch app store purchase

(a) While browsing a shop is public, a user needs to be authenticated for purchases. (b&c) Here, the tablet authenticates users for each payment, such that when (d) a different user touches 'buy', the amount is charged to their account.

Biometric Touch Sensing: Access protection for notifications

(a) The tablet indicates the presence of a notification for a particular user, but does not reveal the contents. To reveal the message, (b) the user needs to touch and hold the item, (c) after which the message disappears. (d) To protect against shoulder surfers, we detect shield poses to cover messages.

Biometric Touch Sensing: Protecting apps with sensitive content

Biometric touch sensing enables devices to hide contents quickly. When Paul is logged in and John starts interacting, the device logs Paul out and starts John’s Mail app.

Biometric Touch Sensing: Sharing access permisions

Temporarily sharing access permissions. (a) Paul has no access to (b) John's album, (c) but John temporarily shares access permissions by simultaneously touching the item.

Biometric Touch Sensing: Requiring two users to access sensitive data

(a) Tapping the login button takes the user to their (b) personalized desktop. (c) For confidential data that requires the presence of two users, both users need to touch the login button simultaneously to (d) open a confidential inbox.

Biometric Touch Sensing: Evaluation of through-body data transmission

Conditions during the through-body evaluation. An ECG electrode simulated a direct connection to the sense line.

Biometric Touch Sensing: Through-body data transmission rates

Bit error rates. (left) ATMEL's debug interface affords transmission rates of 12 Hz with no error. (right) The SIMULATED TOUCH CHIP return larger bit error rates at 1 kHz.

Biometric Touch Sensing: Future form factors: iris scans, keyboards and mice, pens

Bioamp's concept generalizes to any device that scans biometric features and forwards them to a device, thereby enabling cross-device authentication, such as (a) a head-mounted device that scans the iris and modulates the features onto the body, (b) a keyboard or a mouse that scans fingerprints and forwards them to the computer, or (c) a pen that scans fingerprints an sends them to the touchscreen. All these devices support per-interaction authentication.