Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Assessing the Privacy Risk of Cross-Platform Identity Linkage using Eye Movement Biometrics

Samantha Aziz, Oleg Komogortsev

TL;DR

This paper investigates the privacy risks of cross-platform identity linkage using eye movement biometrics by evaluating EyeKnowYouToo (EKYT) across three eye-tracking devices. It employs a threat-model framework and end-to-end embedding-based verification and identification with 5- and 60-second eye-movement windows, reporting $EER$ and $IR$ metrics. The results show above-chance cross-platform verification and identification for at least one device pair, while cross-device performance is highly sensitive to signal quality and device similarity to the training data, with MindLink yielding near-chance results. These findings illuminate privacy implications in ubiquitous eye tracking and motivate defenses and broader cross-device testing.

Abstract

The recent emergence of ubiquitous, multi-platform eye tracking has raised user privacy concerns over re-identification across platforms, where a person is re-identified across multiple eye tracking-enabled platforms using personally identifying information that is implicitly expressed through their eye movement. We present an empirical investigation quantifying a modern eye movement biometric model's ability to link subject identities across three different eye tracking devices using eye movement signals from each device. We show that a state-of-the art eye movement biometrics model demonstrates above-chance levels of biometric performance (34.99% equal error rate, 15% rank-1 identification rate) when linking user identities across one pair of devices, but not for the other. Considering these findings, we also discuss the impact that eye tracking signal quality has on the model's ability to meaningfully associate a subject's identity between two substantially different eye tracking devices. Our investigation advances a fundamental understanding of the privacy risks for identity linkage across platforms by employing both quantitative and qualitative measures of biometric performance, including a visualization of the model's ability to distinguish genuine and imposter authentication attempts across platforms.

Assessing the Privacy Risk of Cross-Platform Identity Linkage using Eye Movement Biometrics

TL;DR

This paper investigates the privacy risks of cross-platform identity linkage using eye movement biometrics by evaluating EyeKnowYouToo (EKYT) across three eye-tracking devices. It employs a threat-model framework and end-to-end embedding-based verification and identification with 5- and 60-second eye-movement windows, reporting and metrics. The results show above-chance cross-platform verification and identification for at least one device pair, while cross-device performance is highly sensitive to signal quality and device similarity to the training data, with MindLink yielding near-chance results. These findings illuminate privacy implications in ubiquitous eye tracking and motivate defenses and broader cross-device testing.

Abstract

The recent emergence of ubiquitous, multi-platform eye tracking has raised user privacy concerns over re-identification across platforms, where a person is re-identified across multiple eye tracking-enabled platforms using personally identifying information that is implicitly expressed through their eye movement. We present an empirical investigation quantifying a modern eye movement biometric model's ability to link subject identities across three different eye tracking devices using eye movement signals from each device. We show that a state-of-the art eye movement biometrics model demonstrates above-chance levels of biometric performance (34.99% equal error rate, 15% rank-1 identification rate) when linking user identities across one pair of devices, but not for the other. Considering these findings, we also discuss the impact that eye tracking signal quality has on the model's ability to meaningfully associate a subject's identity between two substantially different eye tracking devices. Our investigation advances a fundamental understanding of the privacy risks for identity linkage across platforms by employing both quantitative and qualitative measures of biometric performance, including a visualization of the model's ability to distinguish genuine and imposter authentication attempts across platforms.
Paper Structure (18 sections, 4 figures, 5 tables)

This paper contains 18 sections, 4 figures, 5 tables.

Table of Contents

  1. Introduction
  2. Background and Prior Work
  3. Eye Movement Biometrics (EMB)
  4. Privacy Implications of Pervasive Eye Tracking
  5. Methodology
  6. Threat Model
  7. Biometric Model
  8. Data sets
  9. Data Preprocessing
  10. Evaluation Methodology
  11. Results
  12. Cross-Platform Verification
  13. Cross-Platform Identification
  14. Device vs Subject Effects on Embedding Space
  15. Discussion
  16. ...and 3 more sections

Figures (4)

  • Figure 1: An example of an attack described by our threat model. Blue arrows indicate benign activity, and red arrows indicate malicious activity.
  • Figure 2: ROC curves for biometric verification on 5-second enrollment (left) and 60-second enrollment (right) across the three devices.
  • Figure 3: Similarity distributions for genuine and imposter subjects for embeddings created with 5 seconds and 60 seconds of data.
  • Figure 4: A DensMap visualization of the embedding space for all 60-second embeddings generated by EKYT.