It is hard to recover a lost phone or tablet; and the consequences of a missing mobile device are substantial: So much information is stored in our mobile devices that we are at immediate risk of losing money, being burglarized, or even having our identities stolen. Think about it. Apart from having to re-create e-mail messages, change passwords and log-in names, recover pictures and secure financial accounts, online retailers like Amazon, eBay, and other click-and-buy services all assume it is you at the other end —even if it’s not.
Our feeble attempts to create and remember passwords are all but nullified if we use the “remember me” or the “keep me logged-in” tab on our devices, and how many of us carry a hard copy of our logins and passwords? Cloud-based services are at risk for hackers as well, so putting your trust in a cloud-based data storage or password recovery system can be risky, as we have seen with celebrity accounts being hacked all the time.
It was not such a problem when fixed-location computers were desktop and tower boxes, but now our computing devices are small and transportable, so they can be lost or stolen more easily. Wearable computers in particular must “know” who is wearing them to be safe and useful.
This article looks at how biometrics can be combined with wearable technologies to help ensure that the person using the wearable computer is the one who is authorized to do so. This article examines some technologies that can verify a user’s identity and protect sensitive data, information, and control. All devices, datasheets, tutorials, and development systems referenced here can be found online on Hotenda’s website.
Issues and concerns
Size is a problem when considering the use of biometrics in small, wearable computers. If your computer is the size of a postage stamp or smaller (and with wearable watch computers it is), how do you justify the size, weight, and power burden of a biometric reader that is larger than your wearable device?
Placement is key as well. If a verification device is physically wired to the wearable computer in a permanent way, it is more secure than a plug-in or wirelessly linked connection. For example, fingerprint detectors and even retinal scanners can be a couple of square inches in area. These easily fit onto a laptop, tablet, or even a smartphone but are too large and bulky to fit into a stamp-sized device. The same may be true with facial recognition systems.
If plug-in or wireless connection of a user verification system is to be employed, it is best to do so as a “tethered” peripheral. Here the independent-verification system can do the detection, processing, and verification without any intervention from a host. This allows the host to query the verification system when a sensitive operation is about to occur.
With both wired and wireless links, user-seeded encryption keys can lock out your hardware if not linked to your wearable. Then, even if both your verification peripheral and wearable computer is stolen, the biometric tests would still be a secure barrier that has to be passed.
Ease of use also dictates some constraints. If you are sporting your wearable in some out-of-the way place, you do not want to be searching and digging every time you log into an e-mail service, purchase something, or want to work on confidential company documents.
Biological techniques and deterrents
Biometrics is based on biology. These can be physical attributes such as fingerprints, height, weight, retinal pattern, speech constituent frequencies and resonance, and even thought patterns. Combinations of these can also be used. More complex techniques, such as DNA verification can be a part of the solution but has not emerged as a viable real-time and cost-effective solution. (The availability of newer technologies, such as semiconductor UV lasers, may accelerate this since DNA fluoresces under the right wavelengths of UV.)
Ease of use and security go hand-in-hand. Pin codes and pass codes are easy to use but apps already exist for smartphones that can figure out someone’s password or pin code by taking a long distance video of them entering it in. Algorithms calculate the hand motion against a virtually calculated keypad and figure out which keys are being pressed.
A desired capability of our biometric designs is that of reuse or multipurposing. If, for example, we can use a wearable computer’s existing peripheral CCD camera as a finger-print reader, a facial-recognition system, and/or a gesture detector, we have significantly reduced the cost of a fully-functional security system. We no longer need four cameras and associated circuitry.
Like an alarm sticker on a window, these technologies will deter a large number of would-be intruders. However, an experienced or persistent attacker probably can get through. So far, none of these technologies has proven to be 100 percent effective. Fingerprint scanners sometimes can be fooled by fogging up the apertures. Voice-print identification can sometimes be fooled by a quality recording. Facial recognition can sometimes be fooled by photographs. Even DNA sensors can be fooled by a piece of you.
Designing user-verification peripherals
Designing a user-verification system for a wearable computer as a peripheral allows our choice of processors to be narrowed down. For example, a moderately powered processor with mixed-signal capabilities and some DSP functionality can be the taskmaster of all the security systems we have discussed so far. For example, the STM32 F3 family from STMicroelectronics features 32-bit ARM Cortex-M4 processors with DSP and FPU functionality. Running at 72 MHz, the addition of the advanced analog peripherals makes it an ideal choice for interfacing with biometric systems and sensors.
A fast (5 Msample/s) 12-bit A/D stage and a 16-bit oversampling sigma-delta converter with 1 percent accuracy integrate well with the internal DSP functionality to provide event detection and sequencing. The addition of high-speed op-amp and comparators also allows internal signal routing through multiplexors that accept direct input or op-amp-filtered (for example) signals.
Example parts from the series include the small 48-pin STM32F303CCT6
and the larger 100-pin STM32F303VCT6
, which can provide a full mix of communications peripherals as well as I/O and mixed-signal capabilities.
Note that these parts take aim at medical- and biological-interfaced systems (Figure 1). A Product Training Module on the use of the F3 series processors for healthcare and wellness can be found on Hotenda’s website.
The family is also supported by the discovery kit STM32F3DISCOVERY and Eval boards STM32373C-EVAL
for development and test purposes.
Figure 1: Both peripherals and medical systems tie together in a body-area network that can include biological sensors for user verification. Even peripheral functions can be secured once a user’s identity can be reliably established.
Lower power is better
Note that even a more modest processor can take advantage of higher-end external signal processing and conditioning systems to achieve the required performance. This is especially true when power sensitivity is high up on the list of constraints.
The popular MSP430 series of low-power processors from Texas Instruments can fall into this category, especially the F2 series such as the MSP430F2001IPWR
. These parts include a “slope A/D converter” which can be used in conjunction with the internal comparator to precisely measure resistive and capacitive sensor elements as well as rates of change.
When higher precision is needed, the external, small-sized ADS1118IRUGR
16-bit, 4-channel 860 Msample/s external A/D converter from TI can be used as well. Its small size allows it to be in closer proximity to the sensors being monitored, and its serial interface allows smaller, more non-intrusive access. The part also contains an internal-voltage reference and a temperature sensor.
Several training modules on the MSP430 are available on Hotenda’s website, including a portable medical training module from TI.
When higher resolutions are needed, there are several good mixed-signal embedded processor choices that feature 20- and 24-bit A/D conversion steps. Take, for example, the Analog Devices ADUCM360BCPZ128
32-bit wide ARM Cortex-M3-based member of the companies ADuCM Series of processors that feature eleven 24-bit wide A/D converters.
Analog Devices also features linear-interface and electrode-interface solutions for body sensors and conditioners (Figure 2). Note how protection circuitry is included to protect sensitive linear front-ends in the event that defibrillator pulses are employed or other high-voltage discharges occur.
Figure 2: In addition to protection circuits for the micros, front-end protection for delicate linear sensors needs to be taken into account, especially in medical situations where high-voltage defibrillator pulses may be present.
Cypress offers its CY8C3866AXI-040
67 MHz 8-bit, 8051-based processor with a 20-bit A/D converter and cap-sense technology. As a member of the PSoC3 Series, the processor features comprehensive mixed-signal and low-power functionality ideal for a discrete sensor placed somewhere in the near field of communication of someone’s personal area network.
Cypress has also been involved with biometric verification systems like fingerprint identification. A reference design¹ with partner AuthenTec includes schematic and firmware that demonstrate how stored biometric data can be used to verify identity through fingerprints (Figure 3).
Figure 3: Using a reference design for established biometric identification systems like fingerprinting can accelerate design time via a cut-and-paste solution that can be evaluated up front.
While some biometric solutions are basically sensors in the analog realm, others can be digital and process intensive. Fingerprint, voiceprint, and retinal identification, for example, may need short bursts of very-high-performance processing to be able to quickly make a determination. This means most of the time it will be asleep using low-power techniques. However, when running, it does a lot of processing in a very short time.
For those more process-intensive bursts, you may want to look at higher-end devices like the Atmel ATSAMA5D31A-CUR
, which are members of the high-performance, 32-bit 536 MHz ARM Cortex-M5-based SAMA5D3 Family.
Similarly, Renesas offers the R8A77240D500BG#U0
, which is also a 32-bit, but in this case, 500 MHz SH-4A processor and a member of the SuperH SH7780 Series.
Biometrics is an area of technology that has been developed and refined to a point. Systems exist that demonstrate some of its potential capabilities. As the security issues of our wearable devices become more prevalent, expect to see greater implementation of these user-verification systems, employing clever techniques to shrink sizes, refine effectiveness, and make them more user appealing.
For more information on the parts discussed in this article, use the links provided to access product information pages on the Hotenda website.
- Reference Design: Cypress and AuthenTec Reference Design for Biometric Security in External USB Hard Disk Drives.