Stolen phones are a logistical pain and a financial burden. As products like Apple Pay attempt to make our phones our identities, the stakes are only getting higher. But do we want every other moment we live to be verified by thumbprint, passcode, or PIN? Is this life, or is this a bad James Bond knockoff?
Soon, there may be a better way. Researchers at Glasgow Caledonian University have developed a frictionless method for verifying a phone’s user. It leverages the phone’s full suite of sensors to create a behavioral print of the user. And so if someone else takes your phone, smart software will see that they use it differently.
The software researchers used the nearest cell-phone towers to create contextual “anchors” for someone’s behavior throughout the day. In other words, the software mapped where someone generally went, and then how they generally acted in each spot throughout the day. Within each anchor, they could see a lot: the apps you used, the Wi-Fi networks you connected to, the bluetooth devices you connected to, the people you called, and even the noise and light levels of the areas you visited.
From all this data, they created profiles of each cell-phone user, which a smart algorithm could reference in real time to determine whether the user matched the profile. The plan worked pretty well. After a few weeks of use, the algorithm was smart enough to spot if a stranger had stolen your phone in two minutes with 99% accuracy. In a much harder test the team conducted, in which a roommate had stolen a phone–a roommate who was even given a list of the apps the owner generally used–the software spotted theft in about 10 minutes with 53% accuracy. And the risk of a false positive–of identifying a thief when there was none–was low. Whenever the software believed it spotted a thief, it simply asked for a password.
Could such an idea stop all phone theft? Doubtful. Anyone who’s had their phone stolen knows that thieves tend to turn them off immediately to avoid tracking. However, for systems like Apple Pay, these contextual portraits could allow a relatively secure way for us to go about our day making purchases without constantly typing in pins or giving thumbprints. The data-tracking is certainly invasive, but if Google and Apple were to build in this technology natively, and leverage all of a phone’s sensors inside their operating systems to constantly verify our identities, maybe all of us law-abiding citizens wouldn’t have to constantly prove that, yes, we really are who we say we are.