Who's Wearing? Ear Canal Biometric Key Extraction for User Authentication on Wireless Earbuds

TL;DR

The paper tackles privacy-preserving biometric authentication for wireless earbuds by proposing EarID, a learning-free key-extraction protocol that runs entirely on the earbuds and uses a privacy-preserving fuzzy commitment on the mobile device for verification. It replaces classifier-based decisions with a fixed-length binary key derived from ear canal signals, enabling efficient, on-device processing and secure communication without transmitting raw biometric data. EarID achieves authentication accuracy comparable to ML classifiers (around 98–99%), with fast enrollment (~160 ms) and earbud processing (~226 ms), and demonstrates robustness against multiple attack models with false-acceptance rates below 1%. The approach offers practical, scalable, and privacy-preserving authentication for next-generation ear-worn devices, with strong potential for updates and extensions in real-world deployments.

Abstract

Ear canal scanning/sensing (ECS) has emerged as a novel biometric authentication method for mobile devices paired with wireless earbuds. Existing studies have demonstrated the uniqueness of ear canals by training and testing machine learning classifiers on ECS data. However, implementing practical ECS-based authentication requires preventing raw biometric data leakage and designing computationally efficient protocols suitable for resource-constrained earbuds. To address these challenges, we propose an ear canal key extraction protocol, \textbf{EarID}. Without relying on classifiers, EarID extracts unique binary keys directly on the earbuds during authentication. These keys further allow the use of privacy-preserving fuzzy commitment scheme that verifies the wearer's key on mobile devices. Our evaluation results demonstrate that EarID achieves a 98.7\% authentication accuracy, comparable to machine learning classifiers. The mobile enrollment time (160~ms) and earbuds processing time (226~ms) are negligible in terms of wearer's experience. Moreover, our approach is robust and attack-resistant, maintaining a false acceptance rate below 1\% across all adversarial scenarios. We believe the proposed EarID offers a practical and secure solution for next-generation wireless earbuds.

Figures (11)

• Figure 1: Illustration of ear canal scanning/sensing. The user inserts the earbuds to run ear canal scanning, acoustic sensing the unique ear canal structure, for biometric user authentication.
• Figure 2: EarID authentication protocol for enrollment and authentication stage. Enrollment: earbuds locally run (1) ear canal scanning (ECS), (2) cepstral feature extraction and data transmission; and then mobile devices runs (3) helper data generation (send to earbuds) for (4) key extraction (stored at mobile devices). Authentication: wireless earbuds run (1) on-device key extraction based on new ECS data, (2) commitment generation and transmission; and then mobile devices runs (3) decommitment and verification.
• Figure 3: Impact of passive and active noise cancellation (ANC) for (a) EarID testbed and (b) Apple Airpods Pro airpods-noise-cancelling.
• Figure 4: Impact of occlusion effect amplified body sound, interfering acoustic sensing at low frequencies ($<$2 kHz)
• Figure 5: Cross-correlation of (a) FFT features (strong correlation) and (b) cepstral features (independent).