Usability/Acceptability of Wearable Authentication Devices
The availability, affordability and pervasiveness of mobile and wearable devices is at an all-time
high and growing. New applications are constantly being developed to increase the functionality and
usefulness of wearable devices in order to enhance and improve quality-of-life areas such as
fitness, communications, healthcare and electronic commerce.
At the same time, the increasing magnitude of security breaches associated with identity,
financial, and credit cards theft in the past five years have reached alarming rates.
Fortune 500 companies, federal government institutions, and private sector enterprises are at
the forefront of such breaches, resulting in the unauthorized release of more than 169 million
personal records in 2015, stemming from 781 publicized breaches across a variety of economic
sectors. The economic losses are staggering and the impact on personal credit ratings is
unprecedented. The average global cost per each lost or stolen record containing confidential
and sensitive data was $154. The industry with the highest cost per stolen record was
healthcare, at $363 per record. The majority of data breach victims surveyed, 81 percent,
report they had neither a system nor a managed security service in place to ensure they could
self-detect data breaches, relying instead on notification from an external party.
Despite the availability of tools to protect our records, such as the use of multi-factor
authentication protocols, possession protocols, or inheritance protocols, the threat remains
This area is becoming important -- see, for example,
Heartbeat could be used as password to access electronic health records.
Reference: Identity Theft Resource Center Breach Report Hits Near Record High in 2015.
The aim of this project is to attempt to understand how the societal perceptions of on-body
(OB) wearable-based authentication will ultimately impact how readily a new form of mobile
technology will be adopted within society.
It will focus on extending The Technology Acceptance Model into wearable authentication devices, such as cardiac rhythm
ECG-based wearable authentication devices, in order to define, understand, and evaluate
whether such devices will be accepted, deployed and used to the extent possible to prevent
fraudulent activities by validating identity, granting access, or authorizing usage.
Additional input and data is required that revolves around economic
viability of device implementation in relationship to cost-benefit implications (i.e. will device
cost hamper diffusion?). Currently, there is only one device that is nearing commercial deployment --
Nymi, also see
which uses cardiac rhythm based authentication, but the cost is about $250
per unit, which is a high "barrier to entry." Thus, it would be interesting to explore at what threshold
the device becomes affordable so that it leads to a profitable adoption and acceptance
(diffusion of innovation perspective).
If time permits, a survey will be designed to study the economic viability of usage and diffusion.
- To be sure you understand the problem: investigate, understand, and then define biometric authentication
(for example, in contrast to biometric identification).
- Investigate, understand, and then describe biometric authentication methods (fingerprint, face, iris, etc.)
and their properties (accuracy, acceptability, etc.).
This will result in a table of methods and their characteristics.
- Inventory the available wearable devices that perform biometric authentication.
This will result in a table of devices and include pertinent information, such as cost, accuracy, weight, etc.
- Investigate, understand, and then describe, in detail, the Technology Acceptance Model (TAM).
This could result in a table of applications of TAMs, and possibly also a table of the variety of TAMs.
- Investigate and describe the economic viability of device implementation in relationship to cost-benefit implications.
- Getting to the difficult part, design an experiment to evaluate the usability and acceptability of a set of wearable user authentication devices.
- What would you do next to arrive at some conclusions of this study?