User authentication by a wearable device
Inventors
TILY, Hal • Suotsalo, Kimmo • Rusila, Matti • Poikola, Vertti • Partanen, Jukka
Assignees
Publication Number
US-12271459-B2
Publication Date
2025-04-08
Expiration Date
2042-12-22
Interested in licensing this patent?
MTEC can help explore whether this patent might be available for licensing for your application.
Abstract
Methods, systems, and devices for operating a wearable device are described. The wearable device may determine that a user is wearing the wearable device. The wearable device may collect physiological data from the user based on determining that the user is wearing the wearable device. The wearable device may then determine an identity of the user based at least in part on the collected physiological data matching a physiological profile associated with the identity. The wearable device may then authenticate the user for an action by the wearable device that requires user authentication.
Core Innovation
The invention describes methods, systems, and devices for operating a wearable device that performs user authentication based on physiological data collected from the user. The wearable device determines when a user is wearing the device, collects physiological data such as photoplethysmogram (PPG) signals, temperature, motion patterns, and other biometric markers, and matches the collected physiological data against a stored physiological profile associated with the authorized user. Upon a match, the wearable device authenticates the user to permit actions requiring authentication, such as payment transactions or access procedures.
The invention addresses the problem that wearable devices capable of performing actions on behalf of users are vulnerable to unauthorized use if someone other than the authorized user gains physical possession of the device. This raises security concerns for sensitive actions like payments, account sign-in, or physical access. The invention solves this problem by continuously or intermittently authenticating the user based on physiological data, thereby preventing unauthorized users from initiating such actions. This approach is intended to be less effortful, more reliable, and resistant to spoofing compared to traditional passcode methods.
Claims Coverage
The claims detail inventive features covering user authentication via physiological data, device detection of wearing status, normalization of biometric data, initiation of authenticated actions, and related communication protocols in wearable devices.
Determining a physiological profile associated with a user identity
The wearable device determines a physiological profile for a user over a period of time, encompassing various physiological characteristics and biological rhythm adjustments.
Detecting wearing status based on disruption of light detected by a photodetector
The device determines that the user is wearing the device on a finger by detecting a disruption in light via a photodetector, indicating the presence of the user's finger.
Collecting and scaling physiological data accounting for biological rhythms
Physiological data collected is scaled to compensate for impacts of one or more biological rhythms relative to the period during which the physiological profile was determined.
Normalizing physiological data based on user activity and condition
The collected and scaled physiological data is normalized based at least in part on differences related to user activity, condition, or both, to improve accuracy in identity determination.
Identifying user by matching normalized data to physiological profile
The wearable device determines the user's identity by matching the normalized physiological data with the stored physiological profile associated with the identity.
Authenticating user for actions requiring authentication
Upon matching physiological data to the profile, the device authenticates the user for actions requiring authentication, such as payment transactions and physiological data collection.
Initiating actions conditioned on continuous wearing of the device
Actions are initiated only after verifying that the device has remained on the user's finger since the last authentication.
Activating and deactivating communication components based on authentication and user gestures or proximity
Communication modules are activated based on user authentication and gestures or device proximity, and deactivated after threshold durations, action completion, or exceeding proximity limits.
Using accelerometer data to detect user gestures
Gesture detection for activating actions may be performed based on accelerometer data collected by the wearable device.
Storing and communicating physiological profiles
Physiological profiles can be stored locally on the wearable device memory, communicated to a user device, or both, enabling offline authentication.
Including multiple physiological characteristics in profiles
Profiles include PPG data and derived physiological characteristics such as heart rate, heart rate variability, and blood pressure.
Incorporating motion patterns and predefined gestures into authentication
Profiles may include motion patterns such as predefined hand gestures or rotation patterns of the wearable device around the user's finger for authentication.
Using proximity to user device for identity determination
Authentication may be based in part on proximity of the wearable device to a user device associated with the identity.
Re-authentication after removal of the wearable device
The device performs a second authentication when it detects the device was removed after a prior authentication.
Performing access or sign-in procedures using communication components
Authentication enables activation of communication components to perform access procedures or sign-in protocols.
Initiating data transfer to other devices post-authentication
Authenticated devices initiate data transfer with other devices when within a certain proximity.
The claims collectively provide a comprehensive system and method for wearable devices to authenticate users by detecting wearing status, collecting and preprocessing physiological data, matching to stored profiles, and enabling or restricting sensitive actions based on authentication status.
Stated Advantages
User authentication based on physiological data requires less effort and is more reliable than passcode-based methods.
Continuous or comprehensive physiological data collection enables more robust and harder-to-spoof physiological profiles for authentication.
Using both green and red LEDs in wearable devices (such as rings) improves physiological data collection accuracy due to better artery accessibility in fingers compared to wrists.
Authentication ensures that physiological data collected is associated with the correct user, beneficial for applications like insurance or clinical trials.
Documented Applications
Performing payment transactions securely by authenticating the user before initiating payment procedures.
Granting access to restricted areas or electronic devices through authenticated wearable devices.
Signing in to accounts or systems that require user authentication using the wearable device.
Collecting physiological data for insurance rate or clinical trial purposes with verified user identity.
Initiating data transfers or communications with other devices after user authentication.
Interested in licensing this patent?