actually, Instead of trying to answer “is this definitely the owner?”, the device could continuously evaluate a collection of local trust signals and look for anomalies. In that model, behavioral embeddings could simply contribute to a trust score rather than acting as a standalone biometric factor. The goal would not be identity reconstruction, but determining whether current usage remains consistent with normal device behavior.

That’s an interesting point about behavioral profiles becoming a privacy liability. One possible approach could be to avoid storing identifiable behavioral data altogether. Instead of retaining raw signals (typing patterns, motion data, touch interactions), the device could process them locally and transform them into a non-reversible embedding representation. The original signals could then be discarded, while only the embedding remains available for comparison. Combined with hardware-backed cryptographic protection (for example through Secure Enclave), the system might be able to verify behavioral consistency without preserving the underlying behavioral data itself. Apple’s ecosystem already uses forms of continuous trust signals today — for example, unlocking a Mac with a nearby Apple Watch. It makes me wonder whether future authentication systems could rely on a similar trust model, but with behavioral embeddings acting as an additional signal rather than a standalone biometric factor. Curious to hear your thoughts on whether this would meaningfully reduce the privacy concerns you mentioned.