TY - JOUR
T1 - TDAS: A Touch Dynamics based Multi-Factor Authentication Solution for Mobile Devices
AU - Teh, Pin Shen
AU - Zhang, Ning
AU - Teoh, Andrew Beng Jin
AU - Chen, Ke
PY - 2016
Y1 - 2016
N2 - The use of mobile devices in handling our daily activities that involve the storage or access of sensitive data (e.g. on-line banking, paperless prescription services, etc.) is becoming very common. These mobile electronic services typically use a knowledge-based authentication method to authenticate a user (claimed identity). However, this authentication method is vulnerable to several security attacks. To counter the attacks and to make the authentication process more secure, this paper investigates the use of touch dynamics biometrics in conjunction with a PIN-based authentication method, and demonstrates its benefits in terms of strengthening the security of authentication services for mobile device. The investigation has made use of three light-weighted matching functions and a comprehensive reference dataset collected from 150 subjects. The investigative results show that, with this multi-factor authentication approach, even when the PIN is exposed, as much as 9 out of 10 impersonation attempts can be successfully identified. It has also been discovered that the accuracy performance can be increased by combining different feature data types and by increasing the input string length. The novel contributions of this paper are two-fold. Firstly, it describes how a comprehensive experiment is set up to collect touch dynamics biometrics data, and the set of collected data is being made publically available, which may facilitate further research in the problem domain. Secondly, the paper demonstrates how the dataset may be used to strengthen the protection of resources that are accessible via mobile devices.
AB - The use of mobile devices in handling our daily activities that involve the storage or access of sensitive data (e.g. on-line banking, paperless prescription services, etc.) is becoming very common. These mobile electronic services typically use a knowledge-based authentication method to authenticate a user (claimed identity). However, this authentication method is vulnerable to several security attacks. To counter the attacks and to make the authentication process more secure, this paper investigates the use of touch dynamics biometrics in conjunction with a PIN-based authentication method, and demonstrates its benefits in terms of strengthening the security of authentication services for mobile device. The investigation has made use of three light-weighted matching functions and a comprehensive reference dataset collected from 150 subjects. The investigative results show that, with this multi-factor authentication approach, even when the PIN is exposed, as much as 9 out of 10 impersonation attempts can be successfully identified. It has also been discovered that the accuracy performance can be increased by combining different feature data types and by increasing the input string length. The novel contributions of this paper are two-fold. Firstly, it describes how a comprehensive experiment is set up to collect touch dynamics biometrics data, and the set of collected data is being made publically available, which may facilitate further research in the problem domain. Secondly, the paper demonstrates how the dataset may be used to strengthen the protection of resources that are accessible via mobile devices.
KW - Mobile Authentication, Touch Dynamics, Biometrics, Keystroke Dynamics, Benchmark Dataset.
U2 - 10.1108/IJPCC-01-2016-0005
DO - 10.1108/IJPCC-01-2016-0005
M3 - Article
SN - 1742-7371
JO - International Journal of Pervasive Computing and Communications
JF - International Journal of Pervasive Computing and Communications
ER -