A pair of researchers at the University of Alabama at Birmingham have devised a novel approach to online authentication that leverages speech recognition and a smartwatch.
Dubbed ‘Listening-Watch’, the system requires a given user to download a security app on their smartwatch device. When authenticating through a PC or laptop, the computer will play a snippet of speech, while the smartwatch app listens. If the speech matches the key encoded in the smartwatch app, the app sends a signal to the authenticating party that the user is legitimate.
The system was devised by Nitesh Saxena, Ph.D, and doctoral student Prakash Shrestha, and they detailed it in a newly published paper in the Association for Computing Machinery Conference on Security and Privacy in Wireless and Mobile Networks.
Speaking to UAB News, Saxena explained that the Listening-Watch system “offers two key security features.” One is its use of “random code encoded into speech to withstand remote attackers,” he said. Meanwhile, “Low-sensitivity microphones found in current wearable devices cannot capture distant sounds, which will thwart proximity attackers.”
There are a couple of drawbacks, of course. One is that the system requires the use of sound, which could make some end users a bit self-conscious depending on the setting. And users would also need to have a smartwatch compatible with the required app. Still, as far as authentication security research goes, the Listening-Watch is a new and interesting direction to go in, and could lead to some even more compelling approaches down the line.
Source: UAB News
August 30, 2018 – by Alex Perala