Researchers at Dartmouth College have been working on a solution to work around the shortcomings of inactivity timeouts and other security risks that arise when a user does not log out.
Conventional authentication methods based on passwords, tokens or fingerprints perform one-time authentication and rely on users logging out once they are done. However risks arise when the user fails to log out, and inactivity timeouts prove ineffective if the timeout is too long or too short.
That’s where ZEBRA – or Zero-Effort Bilateral Recurring Authentication- comes in. The user wears the ZEBRA bracelet, loaded with a built-in accelerometer, gyroscope, and radio on his/her dominant wrist. The bracelet records the wrist movement, processes it, and sends it to the terminal which then compares the wrist movement with the inputs it receives from the user (via keyboard and mouse), and confirms the proximity of the user only if they correlate, enunciates a paper explaining the research.
In an email to Motherboard, Professor David Kotz explains, “ZEBRA bracelet could act as a second factor for initial authentication.” He believes that the device could be customised, in principle, to be integrated into a variety of devices.
Dartmouth PhD student Shrirang Mare added that next on the agenda is to project the authentication technique to tablets and smartphones. If the recent spate of celebrity hacking has taught us anything, it’s that current data security procedures are not robust enough. Perhaps ZEBRA could be the personal online security breakthrough we’ve been waiting for.
Source: Motherboard