Apple Watch wrist sensors could increase security by scanning veins in the wearer's wrist

Posted:
in Apple Watch
Future versions of the Apple Watch could authenticate the wearer's identity by scanning elements under the skin of a user's wrist, a biometric security feature that could eliminate the need for owners to enter a security code each time they put on the wearable device.

The rear sensor of a Nike+ Apple Watch Series 4
The rear sensor of a Nike+ Apple Watch Series 4


The Apple Watch is the only mobile device Apple produces that does not offer biometric security, with the wearable timepiece requiring a user to enter a PIN on the display to unlock it. The PIN has to be entered each time the Apple Watch is being accessed while not worn, as well as to unlock it for the first instance of accessing its functionality once placed on the wrist, but it won't ask for the code again until it detects it is no longer on the person's arm and in contact with the skin.

While the PIN does offer some security, it only does so with a one-in-10,000 chance of being unlocked by users trying at random. If the user reuses a PIN they have for other items as security, someone knowing that code elsewhere may also use it on the Apple Watch with a good chance of success.

In a patent application published by the US Patent and Trademark Office on Thursday, Apple's filing for a "Wearable Electronic Device Having a Light Field Camera Usable to Perform Bioauthentication from a Dorsal Side of a Forearm Near a Wrist" offers a suggestion of using imaging at the rear of the Apple Watch to confirm the wearer's identity.

Illustration showing the area of the wrist light field cameras on the back of an Apple Watch could cover
Illustration showing the area of the wrist light field cameras on the back of an Apple Watch could cover


As the title suggests, Apple proposes the use of a light field camera on the back of the Apple Watch, effectively consisting of multiple camera sensors and light emitters. Similar to how the Lytro cameras operate, the sensors would work together to capture enough data that it can form a complete image of a scene that the point of focus can be set to a variety of different settings.

Typically the synthetic focusing would be used with viewable subjects, but in the filing it would not be out in the open. Instead, Apple suggests taking the image while the Apple Watch is in contact with the wrist, in order to capture elements underneath the skin.

The list of features that could be detected for authentication includes patterns for hair follicle openings, vascular patterns, veins, arteries, blood perfusion in the skin and tendons, fascia blood perfusion, tendons, connective tissue, skin pigmentation, small scale folding skin patterns, pores, and bone shapes. One or more elements could potentially be used for authentication.

An exploded view of a biosensor panel that could include light field sensors and other elements
An exploded view of a biosensor panel that could include light field sensors and other elements


The images, following the synthetic focusing process, would be compared against previously-captured versions that are confirmed to be of the user. If there is enough of a similarity between the two sets of images, the system would confirm an authentication attempt, or otherwise prompt for another type of security check.

While Apple does produce numerous patent filings with the USPTO on a regular basis, it isn't a guarantee that the ideas will make their way into future Apple products and services. They do, however, offer a guide as to areas of the company's interest.

The patent application has some promise, as it would shore up security on the Apple Watch from its current state, potentially making it as secure as Face ID. Crucially, as the check is performed on the wrist, the Apple Watch knows it is the user wearing it and not the correct PIN being used while on a different person's wrist, enabling the Apple Watch to further protect a user's sensitive data.

Sub-dermal security has been explored elsewhere by Apple. A patent application from March 14 put forward the idea of using vein matching technology to scan areas below the skin as part of a Face ID check would further enhance an already quite secure system, enabling it to determine the difference between visually identical twins by simply seeing different vein patterns.

Comments

  • Reply 1 of 20
    FolioFolio Posts: 602member
    Huh? A PIN isnt always required if your AppleWatch is tethered to an iPhone that does the authentication. Most days When I put on Watch my iphone X eliminates the tedium.
    jbdragon
  • Reply 2 of 20
    that's too much tech for a relatively cheap device. 
  • Reply 3 of 20
    Why do you say 1 in 10,000?  My watch PIN is 8 digits.  That makes it 1 in 100,000,000, does it not?
    jbdragonmacgui
  • Reply 4 of 20
    I guess that tech could be coupled with future medical features, but only for authentication is a little overkill. Maybe they can just keep improving on FaceID to become smaller and just use that. For now, just save the money and give me sapphire glass on the sport model at the same price point. Of all the models that could benefit from a scratch resistant screen, the one most likely to be banged around on workout equipment should definitely have it. 
  • Reply 5 of 20
    mac_128mac_128 Posts: 3,449member
    I guess that tech could be coupled with future medical features, but only for authentication is a little overkill. Maybe they can just keep improving on FaceID to become smaller and just use that. For now, just save the money and give me sapphire glass on the sport model at the same price point. Of all the models that could benefit from a scratch resistant screen, the one most likely to be banged around on workout equipment should definitely have it. 
    My bet is on FaceID. I’m pretty sure the watch will get a camera at some point, especially as it continues to becomes a more autonomous device. That said, there was an issue where an unlocked watch could be transferred from one arm to another without resulting in locking the watch. Not sure if that issue was ever mitigated, but that’s one potential use of this technology.
  • Reply 6 of 20
    tjwolftjwolf Posts: 293member
    "The Apple Watch is the only mobile device Apple produces that does not offer biometric security, with the wearable timepiece requiring a user to enter a PIN on the display to unlock it."  Uh, (1) AirPods are a mobile device without biometric security, (2) Apple Watch doesn't require a pin to unlock it, provided it can pair with an iPhone that is subsequently unlocked once.
  • Reply 7 of 20
    mknelsonmknelson Posts: 362member
    Interesting concept, but I wonder how well that works when the watch doesn't sit in exactly the same spot. My watch shifts up and down my wrist and inch or more.
  • Reply 8 of 20
    SoliSoli Posts: 9,208member
    Why do you say 1 in 10,000?  My watch PIN is 8 digits.  That makes it 1 in 100,000,000, does it not?
    Using a non-4-digit PIN on your Watch is even more secure than having an 8-digit PIN because it doesn't auto-submit with any other value except for the default PIN setup. 

    Since a 4-digit PIN will auto-submit—even if you uncheck Simple Passcode In the iPhone Watch app—the minimum length someone could reasonably assume for your Watch PIN is 5-digits, which would give them 100,000 possibilities to try. Knowing nothing else, they'd then have to try 6-digits for 1 million possibilities, then 7-digits for 10 million possibilities, before finally coming to 8-digits for 100 million possibilities.

    That's 100 million + 10 million + 1 million + 100,000 for a total of 111,100,000 possibilities for your setup. The maximum is 10-digits for 10,000,000,000 possibilities, or 11,111,100,000 in total if you don't know how many digits are in their PIN.

    Well, yours was more secure until you told everyone your PIN is 8-digits. :smiley: 

    PS: I'd like Apple to offer more options than a BASE-10 system. Not that I necessary want to type in more characters, but offering more character options means I can type in fewer characters while also having a more secure device. For example, being able to choose from a selection of distinct emoji would allow me to create a story with a few simple pictograms that that are easy to remember but also escalate my password complexity for hackers.
    roundaboutnow
  • Reply 9 of 20
    joerice50joerice50 Posts: 1unconfirmed, member
    Do pioneers always get shafted? Lets see? https://sites.google.com/site/veinpatternhome/
  • Reply 10 of 20
    SoliSoli Posts: 9,208member
    joerice50 said:
    Do pioneers always get shafted? Lets see? https://sites.google.com/site/veinpatternhome/
    It seems like you're implying Apple stole someone else's research or technology. Can you back that up?
  • Reply 11 of 20
    dcgoodcgoo Posts: 215member
    Why do you say 1 in 10,000?  My watch PIN is 8 digits.  That makes it 1 in 100,000,000, does it not?
    Probably more than that.  Once you use something other than 4-digits, it is no longer possible to tell the length of the passcode.
    beowulfschmidt
  • Reply 12 of 20
    StrangeDaysStrangeDays Posts: 8,310member
    spice-boy said:
    that's too much tech for a relatively cheap device. 
    What does that even mean? Do you comprehend how much incredible tech has been miniaturized and placed into the AW, a computer on your wrist?
    coolfactormacplusplus
  • Reply 13 of 20
    StrangeDaysStrangeDays Posts: 8,310member
    tjwolf said:
    "The Apple Watch is the only mobile device Apple produces that does not offer biometric security, with the wearable timepiece requiring a user to enter a PIN on the display to unlock it."  Uh, (1) AirPods are a mobile device without biometric security, (2) Apple Watch doesn't require a pin to unlock it, provided it can pair with an iPhone that is subsequently unlocked once.
    APs are an accessory, and not yet a computing device on their own.

    AW requires a pin to unlock, but it can also use the iphone as pass-thru authentication. The discussion and context is on the AW solo, as it is not required to have the iphone on you to operate the AW, especially so with cellular. 

  • Reply 14 of 20
    spice-boyspice-boy Posts: 901member
    spice-boy said:
    that's too much tech for a relatively cheap device. 
    What does that even mean? Do you comprehend how much incredible tech has been miniaturized and placed into the AW, a computer on your wrist?
    Sure to your question but I just don't care. 
  • Reply 15 of 20
    coolfactorcoolfactor Posts: 1,509member
    Folio said:
    Huh? A PIN isnt always required if your AppleWatch is tethered to an iPhone that does the authentication. Most days When I put on Watch my iphone X eliminates the tedium.

    Agreed. I'm not always prompted for a PIN, although I can't pinpoint the pattern. Maybe my iPhone is the other factor? I thought [I read that] the Watch did biometric authentication by recognizing the wearer's heartbeat pattern, etc?

  • Reply 16 of 20
    coolfactorcoolfactor Posts: 1,509member
    joerice50 said:
    Do pioneers always get shafted? Lets see? https://sites.google.com/site/veinpatternhome/
    So Apple should just blindly pay someone else without doing their own research and development? Seems naive and irresponsible to me. Apple is not claiming to have invented this idea, are they? Why would you automatically jump to thinking they are trying to shaft someone? Glass half empty?

    Now, take a moment and imagine two brilliant engineers on opposite sides of the globe coming up with the same idea without knowing about each other's work. Yes, it's possible. And both are valid, genuine, original ideas in their own right.
  • Reply 17 of 20
    Folio said:
    Huh? A PIN isnt always required if your AppleWatch is tethered to an iPhone that does the authentication. Most days When I put on Watch my iphone X eliminates the tedium.
    I know plenty of people that have no PIN on their Apple Watch, mostly because they didn't know it could be unlocked by unlocking their iPhone. So, a PIN isn't even a requirement at all.Soli said:
    Why do you say 1 in 10,000?  My watch PIN is 8 digits.  That makes it 1 in 100,000,000, does it not?
    Using a non-4-digit PIN on your Watch is even more secure than having an 8-digit PIN because it doesn't auto-submit with any other value except for the default PIN setup. 

    Since a 4-digit PIN will auto-submit—even if you uncheck Simple Passcode In the iPhone Watch app—the minimum length someone could reasonably assume for your Watch PIN is 5-digits, which would give them 100,000 possibilities to try. Knowing nothing else, they'd then have to try 6-digits for 1 million possibilities, then 7-digits for 10 million possibilities, before finally coming to 8-digits for 100 million possibilities.

    That's 100 million + 10 million + 1 million + 100,000 for a total of 111,100,000 possibilities for your setup. The maximum is 10-digits for 10,000,000,000 possibilities, or 11,111,100,000 in total if you don't know how many digits are in their PIN.

    Well, yours was more secure until you told everyone your PIN is 8-digits. :smiley: 

    PS: I'd like Apple to offer more options than a BASE-10 system. Not that I necessary want to type in more characters, but offering more character options means I can type in fewer characters while also having a more secure device. For example, being able to choose from a selection of distinct emoji would allow me to create a story with a few simple pictograms that that are easy to remember but also escalate my password complexity for hackers.
    I wish Apple would implement the same thing on iPhone. With a 4- or 6-digit passcode there are either 4 or 6 dots indicating how many digits have been entered. Why not just use the same field that they supply for an alpha-numeric passcode? At a minimum it makes it less clear what someone needs to enter to gain unauthorized access.
  • Reply 18 of 20
    tundraboytundraboy Posts: 1,620member
    I've been waiting for Apple to move on this front.  A biometric sensor on the back of the Watch is the key to a universal authenticator:  Any financial transaction that involves your social security number or any of your financial accounts --bank, credit card, etc. gets run by your Watch and proceeds only if 1) the watch authenticates that you are currently wearing it and 2) you manually clear the transaction.
  • Reply 19 of 20
    macguimacgui Posts: 1,383member
    Soli said:
    Well, yours was more secure until you told everyone your PIN is 8-digits. :smiley: 
    ROFL that was funny. I don't want to try to enter a 26-digit password on my Watch, but I'd like some simple alternatives, such as a long press on any of the 0-9 digits brings up a letter or a letter then special character. That would enhance security with minimal loss of convenience, the first casualty of security.

    I too use a PIN in excess of 4 digits. I wish the iPhone wouldn't show how many digits are required, similar to the watch and iPad.


    Folio said:
    Huh? A PIN isnt always required if your AppleWatch is tethered to an iPhone that does the authentication. Most days When I put on Watch my iphone X eliminates the tedium.

    Agreed. I'm not always prompted for a PIN, although I can't pinpoint the pattern. Maybe my iPhone is the other factor? I thought [I read that] the Watch did biometric authentication by recognizing the wearer's heartbeat pattern, etc?


    Wow I completely forgot about unlocking the phone (TID in my case) also unlocking the Watch. Generally when I put on my Watch the phone isn't immediately handy and it's just quicker to automatically enter my PIN than get the phone and unlock it. It might be a few hours before I get around to that and my heath data isn't recorded during that time AFAICT. I've missed some Stand counts because of that.
  • Reply 20 of 20
    macgui said:
    Soli said:
    Well, yours was more secure until you told everyone your PIN is 8-digits. :smiley: 
    ROFL that was funny. I don't want to try to enter a 26-digit password on my Watch, but I'd like some simple alternatives, such as a long press on any of the 0-9 digits brings up a letter or a letter then special character. That would enhance security with minimal loss of convenience, the first casualty of security.

    I too use a PIN in excess of 4 digits. I wish the iPhone wouldn't show how many digits are required, similar to the watch and iPad.


    Folio said:
    Huh? A PIN isnt always required if your AppleWatch is tethered to an iPhone that does the authentication. Most days When I put on Watch my iphone X eliminates the tedium.

    Agreed. I'm not always prompted for a PIN, although I can't pinpoint the pattern. Maybe my iPhone is the other factor? I thought [I read that] the Watch did biometric authentication by recognizing the wearer's heartbeat pattern, etc?


    Wow I completely forgot about unlocking the phone (TID in my case) also unlocking the Watch. Generally when I put on my Watch the phone isn't immediately handy and it's just quicker to automatically enter my PIN than get the phone and unlock it. It might be a few hours before I get around to that and my heath data isn't recorded during that time AFAICT. I've missed some Stand counts because of that.
    Health data is definitely recorded prior to unlocking as long as the Watch is being worn. I usually get my first two Stand hours of the day before unlocking my Watch. Not to mention steps, calories and minutes counted. 
Sign In or Register to comment.