Visible to the public PPGPass: Nonintrusive and Secure Mobile Two-Factor Authentication via Wearables

Submitted by grigby1 on Thu, 07/08/2021 - 2:38pm
TitlePPGPass: Nonintrusive and Secure Mobile Two-Factor Authentication via Wearables
Publication TypeConference Paper
Year of Publication2020
AuthorsCao, Yetong, Zhang, Qian, Li, Fan, Yang, Song, Wang, Yu
Conference NameIEEE INFOCOM 2020 - IEEE Conference on Computer Communications
Date PublishedJuly 2020
PublisherIEEE
ISBN Number978-1-7281-6412-0
Keywordsauthentication, biometrics, biometrics (access control), feature extraction, Heart beat, Human Behavior, human factors, Mobile/wearable computing, pubcrawl, Two factor Authentication, two-factor authentication, Wearable sensors, Writing
AbstractMobile devices are promising to apply two-factor authentication in order to improve system security and enhance user privacy-preserving. Existing solutions usually have certain limits of requiring some form of user effort, which might seriously affect user experience and delay authentication time. In this paper, we propose PPGPass, a novel mobile two-factor authentication system, which leverages Photoplethysmography (PPG) sensors in wrist-worn wearables to extract individual characteristics of PPG signals. In order to realize both nonintrusive and secure, we design a two-stage algorithm to separate clean heartbeat signals from PPG signals contaminated by motion artifacts, which allows verifying users without intentionally staying still during the process of authentication. In addition, to deal with non-cancelable issues when biometrics are compromised, we design a repeatable and non-invertible method to generate cancelable feature templates as alternative credentials, which enables to defense against man-in-the-middle attacks and replay attacks. To the best of our knowledge, PPGPass is the first nonintrusive and secure mobile two-factor authentication based on PPG sensors in wearables. We build a prototype of PPGPass and conduct the system with comprehensive experiments involving multiple participants. PPGPass can achieve an average F1 score of 95.3%, which confirms its high effectiveness, security, and usability.
URLhttps://ieeexplore.ieee.org/document/9155380
DOI10.1109/INFOCOM41043.2020.9155380
Citation Keycao_ppgpass_2020
Groups: