Skip to Content

Smart Phones that Know Their Users by How They Walk

Biometric security is obtrusive–unless it’s on all the time, analyzing your gait.
September 16, 2010

Your smart phone is a hideous liability that renders you increasingly vulnerable to a host of fraudulent activities–everything from identity theft to the emptying of your bank accounts–every day. Right now phones are stolen because they’re valuable, but if you think about it, the data they contain–which will only become more lucrative once we’re using them as electronic wallets–is worth far more.

The problem is that unlike your bank’s website, you use your phone throughout the day, which makes tapping in a password over and over again so impractical that few users bother to lock their phones in this way.

The solution is biometrics–imagine phones with a fingerprint scanner–and the best kind operate transparently. So-called passive biometrics know who you are based on things you’re doing all the time anyway.

For passive biometrics to work, the more measures of the “youness” of you they can gather, the better. That’s because every biometric system has a certain false positive / false negative rate, and when one fails, a secondary one can take over for verification, thus guaranteeing that you are confronted with an actual password prompt as infrequently as possible.

Gait analysis is a tried-and-true method of passive biometrics, your gait being a very individual and hard-to-imitate trait.

Old-school systems used visual analysis or pressure plates in the floor to determine your gait, both of which are good for defending diamond vaults and military facilities, if not smart phones.

Fortunately, modern smart phones have tiny, piezoresistive MEMS accelerometers built-in. These things can measure acceleration in three different axes (x,y,z) which makes them perfectly suitable for analyzing the gyrations in three dimensions of your legs as you walk down the street with your phone in your pocket.

For the first time ever, researchers were able to use the accelerometer built into a smart phone to analyze gait (pdf) and their work suggests that, with further refinement, one of the ways your phone could know it’s in the right hands would be simply by passively analyzing your walking style.

First, the bad news: they were only able to achieve a 20 percent Equal Error Rate (EER), which means that one time out of five, the phone registered either a false positive or a false negative when trying to determine the identity of the user. And that’s with the phone in a hip holster, oriented in the same way every time.

But there’s no inherent reason why this technology couldn’t be fine-tuned - and if future smartphones include accelerometers with higher sampling rates, that would help. (The accelerometer in the Android G1 smartphone used for this experiment had sampled acceleration 40-50 times per second.)

Indeed, the ultimate combination would include gait analysis, voice recognition, fingerprint activation and, only if all of those failed, password entry. Just such a system was proposed in 2007, in a paper entitled Increasing Security of Mobile Devices by Decreasing User Effort in Verification. This combined approach would constitute a “method of frequent user verification, based on a cascade of unobtrusive biometrics… in such a way that explicit effort is required only if unobtrusive verification fails.”

The estimated false positive rate for this combined approach would be 1 percent or less – exactly what we need to protect the increasingly valuable data on our smart phones without transforming the use of them into a chore.

Update: The original paper has since disappeared from the web. Here’s the citation for anyone searching for it.

Mohammad O. Derawi, Claudia Nickel, Patrick Bours and Christoph Busch. Unobtrusive User-Authentication on Mobile Phones using Biometric Gait Recognition. In 6th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, October 2010”

image cc dusk photography

Follow Mims on Twitter or contact him via email.

Keep Reading

Most Popular

Scientists are finding signals of long covid in blood. They could lead to new treatments.

Faults in a certain part of the immune system might be at the root of some long covid cases, new research suggests.

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

OpenAI teases an amazing new generative video model called Sora

The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.

Google’s Gemini is now in everything. Here’s how you can try it out.

Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.