Adaptive, Privacy‑Preserving Continuous Background Verification
Multimodal on‑device trust fusion to protect active sessions against shoulder‑surfing, opportunistic misuse, and simple replay—without leaking raw images.
~<300mstarget time‑to‑blur
<1%false‑positive goal
0images sent to server
Problem
After login, sessions remain exposed. Nearby people can glance or continue use on an unlocked device; basic face checks can be spoofed with replays; one‑shot auth doesn’t confirm ongoing ownership.
Approach
- On‑device signals: presence/match to enrolled user (local embeddings), liveness cues (blink/pose), short‑window keystroke/mouse dynamics.
- Trust fusion: continuous score with hysteresis; no cloud inference; WASM/WebGPU acceleration where available.
- Progressive safeguards: blur/redact → limit risky actions → WebAuthn step‑up or lock.
Architecture
Browser AgentgetUserMedia + local models, behavior sampling
Trust Enginefusion + hysteresis, policy rules
Safeguardsblur/mask · limit actions · WebAuthn
Server (optional)aggregate metrics only, no raw media
Results (planned & early)
- Faster hiding of sensitive data when owner steps away or anomalies occur.
- Normal usage recovers quickly from brief trust dips.
- Opportunistic handovers/replays more likely to trigger protections before damage.
- Privacy preserved: no raw video stored; minimal features remain locally.
Evaluation Plan
- Time‑to‑obfuscation (ms), false‑positive/negative rates
- ATO reduction %, user‑perceived friction
- CPU/battery impact, model load latency