**** UPDATED ****
Could the way we walk be the next authentication technology we all use? UnifyID believes so and has launched a new API called GaitAuth. What is interesting about GaitAuth is that it is a passive technology that sits on your phone. Like all biometric technologies, GaitAuth claims that our walk is unique to us, which makes it ideal as an identification technology.
The problem with many existing biometric technologies is that they can be spoofed. Some, such as facial recognition, also suffer from poor detection models and the current training systems tend to build bias in. Why should our walk be any different?
In the blog written by John Whaley, Founder and CEO, UnifyID, he says: “You may wonder how unique someone’s gait truly is. Your gait is a product of your unique physiology and years of muscle memory. And unlike static biometrics like fingerprint or facial recognition, it is dynamic and constantly changing, and it is hard for others to spoof and steal.
“We’ve tested our models using anonymized data from millions of mobile phones and found the accuracy of gait-based authentication can rival other biometrics like fingerprint, iris, or face. Gait also has the benefit that it continues to work even if the user is wearing a face mask or gloves.”
Solving the problem of authentication in all environments
It is that latter point that Whaley makes that may provide the impetus to get developers playing with the GaitAuth API. Not all environments are suited to the other biometric options on the market.
When hands are wet or very dry, fingerprint technology often fails as any international air traveller will know. The impact of coronavirus is likely to mean people wearing face coverings for some time. Additionally, there are some professions where faces are covered for protection.
UnifyID believes that the combination of a smartphone with GaitAuth is the ideal continuous authentication device. It will detect who you are within just a few steps and authenticate you. If you put your phone down, it will simple re-authenticate you as soon as you pick it up and walk. As it is a continuous monitoring system, you can’t just hand your phone off to someone else. Doing so would cause an almost immediate fail as soon as they start walking with it.
Whaley lists a set of use cases for using GaitAuth such as access control systems, unlocking and starting a car and those working in sensitive areas. The latter will appeal to the military and governments who are always looking for new ways to secure areas.
Enterprise Times: What does this mean?
*Enterprise Times has received a response from Leandro Margulis, VP Developer Relations, UnifyID. He has provided a response to our questions below.*
Using a technology that isn’t intrusive, continuously on and always accurate, sounds like authentication nirvana. But there are questions that are not answered on the GaitAuth page.
- How will GaitAuth adapt when you are carrying a heavy load? A balanced load such as a pack should be no issue, but what about carrying a large box or an unbalanced load?Margulis: “UnifyID’s technology runs in the background continuously and passively, and also has a feature called “perennial learning”. What this means is that the person will be continuously authenticated and the carrying of the load will not affect the authentication of the person.”
- What if you break a leg or even a toe? Using crutches changes how your whole body moves.Margulis: “Perennial learning allows for taking into consideration evolution and changes in someone’s gait over time.”
- How can it be adapted to amputees? Solving this would get military attention given the number of veterans who use a prosthesis.Margulis: “The technology is based on the science of motion, so each one of us moves in a unique way and the machine learning models can take this into consideration.”
- A skilled intelligence operator can learn how to look, act and talk like someone else. Is it not possible they could learn to walk like them?Margulis: “The technology is as accurate as physical fingerprint. In addition, it can be used as one additional factor in a 2-factor or multi-factor authentication solution increase security even more.”
Despite these questions, GaitAuth is appealing. Perhaps it is the non-intrusiveness or continuous authentication. It will be interesting to see who releases an authentication solution using GaitAuth and whether they combine it with other UnifyID solutions such as PushAuth.