This work proposes AccLock, a passive authentication system that leverages in-ear accelerometer signals to capture cardiac biometrics without requiring explicit user interaction or device cooperation. Addressing the limitations of existing ear-worn authentication methods—particularly their susceptibility to environmental noise and reliance on active user engagement—AccLock introduces a two-stage denoising mechanism to enhance signal fidelity, a novel HIDNet architecture to disentangle user-specific physiological features from common-mode interference, and a scalable twin-network-based authentication framework that eliminates the need for per-user model retraining. Evaluated with 33 participants, the system achieves an average false acceptance rate (FAR) of 3.13% and false rejection rate (FRR) of 2.99%, demonstrating its practical viability for seamless, round-the-clock, and noise-resilient user verification.

The widespread use of earphones has enabled various sensing applications, including activity recognition, health monitoring, and context-aware computing. Among these, earphone-based user authentication has become a key technique by leveraging unique biometric features. However, existing earphone-based authentication systems face key limitations: they either require explicit user interaction or active speaker output, or suffer from poor accessibility and vulnerability to environmental noise, which hinders large-scale deployment. In this paper, we propose a passive authentication system, called AccLock, which leverages distinctive features extracted from in-ear BCG signals to enable secure and unobtrusive user verification. Our system offers several advantages over previous systems, including zero-involvement for both the device and the user, ubiquitous, and resilient to environmental noise. To realize this, we first design a two-stage denoising scheme to suppress both inherent and sporadic interference. To extract user-specific features, we then propose a disentanglement-based deep learning model, HIDNet, which explicitly separates user-specific features from shared nuisance components. Lastly, we develop a scalable authentication framework based on a Siamese network that eliminates the need for per-user classifier training. We conduct extensive experiments with 33 participants, achieving an average FAR of 3.13% and FRR of 2.99%, which demonstrates the practical feasibility of AccLock.