Skip to Content

Smart Phones that Know Their Users by How They Walk

Biometric security is obtrusive–unless it’s on all the time, analyzing your gait.
September 16, 2010

Your smart phone is a hideous liability that renders you increasingly vulnerable to a host of fraudulent activities–everything from identity theft to the emptying of your bank accounts–every day. Right now phones are stolen because they’re valuable, but if you think about it, the data they contain–which will only become more lucrative once we’re using them as electronic wallets–is worth far more.

The problem is that unlike your bank’s website, you use your phone throughout the day, which makes tapping in a password over and over again so impractical that few users bother to lock their phones in this way.

The solution is biometrics–imagine phones with a fingerprint scanner–and the best kind operate transparently. So-called passive biometrics know who you are based on things you’re doing all the time anyway.

For passive biometrics to work, the more measures of the “youness” of you they can gather, the better. That’s because every biometric system has a certain false positive / false negative rate, and when one fails, a secondary one can take over for verification, thus guaranteeing that you are confronted with an actual password prompt as infrequently as possible.

Gait analysis is a tried-and-true method of passive biometrics, your gait being a very individual and hard-to-imitate trait.

Old-school systems used visual analysis or pressure plates in the floor to determine your gait, both of which are good for defending diamond vaults and military facilities, if not smart phones.

Fortunately, modern smart phones have tiny, piezoresistive MEMS accelerometers built-in. These things can measure acceleration in three different axes (x,y,z) which makes them perfectly suitable for analyzing the gyrations in three dimensions of your legs as you walk down the street with your phone in your pocket.

For the first time ever, researchers were able to use the accelerometer built into a smart phone to analyze gait (pdf) and their work suggests that, with further refinement, one of the ways your phone could know it’s in the right hands would be simply by passively analyzing your walking style.

First, the bad news: they were only able to achieve a 20 percent Equal Error Rate (EER), which means that one time out of five, the phone registered either a false positive or a false negative when trying to determine the identity of the user. And that’s with the phone in a hip holster, oriented in the same way every time.

But there’s no inherent reason why this technology couldn’t be fine-tuned - and if future smartphones include accelerometers with higher sampling rates, that would help. (The accelerometer in the Android G1 smartphone used for this experiment had sampled acceleration 40-50 times per second.)

Indeed, the ultimate combination would include gait analysis, voice recognition, fingerprint activation and, only if all of those failed, password entry. Just such a system was proposed in 2007, in a paper entitled Increasing Security of Mobile Devices by Decreasing User Effort in Verification. This combined approach would constitute a “method of frequent user verification, based on a cascade of unobtrusive biometrics… in such a way that explicit effort is required only if unobtrusive verification fails.”

The estimated false positive rate for this combined approach would be 1 percent or less – exactly what we need to protect the increasingly valuable data on our smart phones without transforming the use of them into a chore.

Update: The original paper has since disappeared from the web. Here’s the citation for anyone searching for it.

Mohammad O. Derawi, Claudia Nickel, Patrick Bours and Christoph Busch. Unobtrusive User-Authentication on Mobile Phones using Biometric Gait Recognition. In 6th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, October 2010”

image cc dusk photography

Follow Mims on Twitter or contact him via email.

Keep Reading

Most Popular

DeepMind’s cofounder: Generative AI is just a phase. What’s next is interactive AI.

“This is a profound moment in the history of technology,” says Mustafa Suleyman.

What to know about this autumn’s covid vaccines

New variants will pose a challenge, but early signs suggest the shots will still boost antibody responses.

Human-plus-AI solutions mitigate security threats

With the right human oversight, emerging technologies like artificial intelligence can help keep business and customer data secure

Next slide, please: A brief history of the corporate presentation

From million-dollar slide shows to Steve Jobs’s introduction of the iPhone, a bit of show business never hurt plain old business.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.