5 Ways The Smartwatch Can Bolster Authentication


The Moto 360 smartwatch is one of two wearables announced to operate on Android Wear.

Earlier this week Google announced its official entrance into the wearable technology beyond the already well known Google Glass. Android Wear is a new operating system from the company that brought us Google Search, specifically designed for smartwatches.

The launch videos that have been circulating the Web have been making a good case for the kind of convenience that a wrist-mounted interface can offer. Social media, music controls and text messaging all made as easy as a glance down. It is as if humans are undergoing the jump from pocket watches to wristwatches all over again, only on a bigger level.

Of course, at Mobile ID World identity solutions are king. After all, what good is a smartwatch if it’s just another BYOD vulnerability or an extension of a phone on an insecure network? Luckily, smartwatches are opening up a whole new world of strong mobile authentication.

Here are a list of five possible ways wrist-mounted wearables can bolster mobile security. Please feel free to use them inorder to make life more secure and share any speculative ideas of your own with @MobileIDWorld on Twitter.

1. Fitness Tech

The biggest consumer market for wearables has so far been the active living crowd. Wristband-style gadgets can measure your vital biometrics (ie. heart rate), allowing you to optimize your daily workout routine and better know your own body.

With wearable tech now having the ability to sync with a smartphone, it is an easy jump to the idea of invisible biometric authentication via resting heart rate. When the smartwatch is on, once it contains a user’s resting heart rate data, if an anomaly or inconsistency is detected secondary or tertiary security factors can be demanded.

2. Voice biometrics

The launch video of Android Wear a user on the bus sees a text message on his watch and answers his friend who he will be late to a meeting with by interfacing via voice recognition (similar to the Google Now function). The scene in the video is reminiscent of this year’s Oscar nominated film Her which features hands free mobile interface.

The security implication here is obvious. Voice biometrics are already a great fit for mobile devices, so there are already Android solutions that can make this happen. Speak a passphrase into your smartwatch and gain access to a synced or remote device.

3. Two-Step Puzzle

Google is already a fan of the two-step authentication process. It doesn’t need to be biometric either.

Perhaps someone wants to access their bank account through their phone. The normal on-device authentication takes place, but before access is granted a second test must be done on the watch.

It’s an easy extension of what Google and Microsoft already offer for their cloud services in the form of SMS one-time-passwords sent to registered phone numbers. The difference is that a second mobile device means that the same kind of precaution can be taken when accessing critical accounts via smartphone (SMS two step is redundant when the device being used is also the one receiving the OTP).

4. Motion biometrics

Similar to vital biometrics, this would require that a smartwatch have a sophisticated motion detector like Apple’s M7 chip in the iPhone 5S. Already there are minds working to integrate walking gate into multifactor systems by having smartphones passively measure walking rhythms and toss up barriers if abnormalities are sensed.

This potential wearable tech version of the solution is the same idea, only it’s on a watch.

5. Multi Factor Proximity Device

You may be asking at this point: “Why does having this on a watch make it better?”

It’s true, all four of the features described above have a smartphone counterpart (Samsung’s newest flagship phone has a heart rate monitor under its rear facing camera). That doesn’t matter, because the strongest factor that wearable tech can bring to mobile identity is proximity.

Any one of the above ideas benefits from the added factor of a secondary device. When a key part of the authentication process happens on another device, an unspoken factor is also present in the equation: the communication link between the smartphone and smartwatch.

Say that in the near future a phone equipped to allow physical point of sale is stolen and somehow has its primary authentication spoofed to allow the criminal to make authorized purchases. If a smartwatch factor is needed, even an invisible one that measures vitals, is not present, it’s no dice for the fraudster.

The smartwatch can be a versatile authentication tool all on its own, but when paired with other devices in the trust transactions of everyday life, it can be a convenient and powerful identification ally.