Open AccessPosted Content
TouchIn: Sightless Two-factor Authentication on Multi-touch Mobile Devices
TLDR
This paper focuses on designing, implementing, and evaluating TouchIn, a two-factor authentication system on multi-touch mobile devices that allows the user to draw on arbitrary regions on the touchscreen without looking at it.Abstract:
Mobile authentication is indispensable for preventing unauthorized access to multi-touch mobile devices. Existing mobile authentication techniques are often cumbersome to use and also vulnerable to shoulder-surfing and smudge attacks. This paper focuses on designing, implementing, and evaluating TouchIn, a two-factor authentication system on multi-touch mobile devices. TouchIn works by letting a user draw on the touchscreen with one or multiple fingers to unlock his mobile device, and the user is authenticated based on the geometric properties of his drawn curves as well as his behavioral and physiological characteristics. TouchIn allows the user to draw on arbitrary regions on the touchscreen without looking at it. This nice sightless feature makes TouchIn very easy to use and also robust to shoulder-surfing and smudge attacks. Comprehensive experiments on Android devices confirm the high security and usability of TouchIn.read more
Citations
More filters
Journal ArticleDOI
Surveying the Development of Biometric User Authentication on Mobile Phones
TL;DR: This paper surveys the development of existing biometric authentication techniques on mobile phones, particularly on touch-enabled devices, with reference to 11 biometric approaches and proposes a framework for establishing a reliable authentication mechanism through implementing a multimodal biometric user authentication in an appropriate way.
Proceedings Article
Towards Continuous and Passive Authentication via Touch Biometrics: An Experimental Study on Smartphones
TL;DR: This work adopts a continuous and passive authentication mechanism based on a user’s touch operations on the touchscreen that is suitable for smartphones, as it requires no extra hardware or intrusive user interface.
Journal ArticleDOI
Multi-factor authentication: A survey
Aleksandr Ometov,Sergey Bezzateev,Niko Mäkitalo,Sergey Andreev,Tommi Mikkonen,Yevgeni Koucheryavy +5 more
TL;DR: The already available and emerging sensors (factor providers) that allow for authenticating a user with the system directly or by involving the cloud are surveyed and a framework for qualifying the missing factors by authenticating the user without disclosing sensitive biometric data to the verification entity is proposed.
Proceedings ArticleDOI
Hold and Sign: A Novel Behavioral Biometrics for Smartphone User Authentication
TL;DR: A new, bi-modal behavioral biometric solution for user authentication that takes into account micro-movements of a phone and movements of the user's finger during writing or signing on the touchscreen.
Journal ArticleDOI
Draw-a-pin
TL;DR: Draw-A-PIN could offer better security by utilizing drawing traits or behavioral biometrics as an additional authentication factor beyond just the secrecy of the PIN.
References
More filters
Book
Convex Optimization
Stephen Boyd,Lieven Vandenberghe +1 more
TL;DR: In this article, the focus is on recognizing convex optimization problems and then finding the most appropriate technique for solving them, and a comprehensive introduction to the subject is given. But the focus of this book is not on the optimization problem itself, but on the problem of finding the appropriate technique to solve it.
Journal ArticleDOI
Dynamic programming algorithm optimization for spoken word recognition
TL;DR: This paper reports on an optimum dynamic progxamming (DP) based time-normalization algorithm for spoken word recognition, in which the warping function slope is restricted so as to improve discrimination between words in different categories.
Proceedings ArticleDOI
uWave: Accelerometer-based personalized gesture recognition and its applications
TL;DR: This work evaluates uWave using a large gesture library with over 4000 samples collected from eight users over an elongated period of time for a gesture vocabulary with eight gesture patterns identified by a Nokia research and shows that uWave achieves 98.6% accuracy, competitive with statistical methods that require significantly more training samples.
Smudge attacks on smartphone touch screens
TL;DR: This paper examines the feasibility of smudge attacks on touch screens for smartphones, and focuses on the Android password pattern, and provides a preliminary analysis of applying the information learned in a smudge attack to guessing an Android passwordpattern.
Proceedings ArticleDOI
Touch me once and i know it's you!: implicit authentication based on touch screen patterns
TL;DR: In this article, an implicit authentication approach that enhances password patterns with an additional security layer, transparent to the user, is introduced, where users are not only authenticated by the shape they input but also by the way they perform the input.