There are already a variety of technologies for verifying a computer user's identity when they attempt to access sensitive data ... data such as patients' health records on hospital computer systems. The problem is, those users may sometimes forget to log off when they're done, or they may temporarily leave their computer unguarded when leaving their desk. That's why Dartmouth College computer science student Shrirang Mare is developing ZEBRA. It utilizes a sensor-equipped bracelet to continuously authenticate a user's identity.

In its current prototype form, ZEBRA (Zero-Effort Bilateral Recurring Authentication) utilizes a commercially-available fitness-tracking bracelet. That device is worn on the user's dominant wrist, and contains an accelerometer, gyroscope, and radio transmitter.

The user starts by logging into a computer network, using an existing verification technique. From there, as they type and use the mouse, the bracelet wirelessly transmits their wrist movement data to their computer. Software on the computer then matches those movements up with the corresponding input that it's receiving from its keyboard and mouse.

As long as that input is accompanied by the proper wrist movements, then the computer knows that it's dealing with the verified user – or someone wearing their bracelet, at least. Should someone else try accessing the computer when the user's back is turned, however, the keyboard/mouse signals won't be accompanied by the matching wrist movement data, so ZEBRA will shut them out.

In lab tests conducted so far, the system has proven 85 percent accurate in continuously authenticating users, and identifying "adversaries" within 11 seconds.

According to Prof. David Kotz, senior author of a study on the technology, ZEBRA could also be adapted for use with smartphones or tablets. Down the road it may additionally find its way into devices such as TV remotes or game controllers, recognizing users by their movements and then switching over to their personalized settings.