skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: What is More Important for Touch Dynamics based Mobile User Authentication?
Mobile user authentication (MUA) has become a gatekeeper for securing a wealth of personal and sensitive information residing on mobile devices. Keystrokes and touch gestures are two types of touch behaviors. It is not uncommon for a mobile user to make multiple MUA attempts. Nevertheless, there is a lack of an empirical comparison of different types of touch dynamics based MUA methods across different attempts. In view of the richness of touch dynamics, a large number of features have been extracted from it to build MUA models. However, there is little understanding of what features are important for the performance of such MUA models. Further, the training sample size of template generation is critical for real-world application of MUA models, but there is a lack of such information about touch gesture based methods. This study is aimed to address the above research limitations by conducting experiments using two MUA prototypes. Their empirical results can not only serve as a guide for the design of touch dynamics based MUA methods but also offer suggestions for improving the performance of MUA models.  more » « less
Award ID(s):
1917537
PAR ID:
10167262
Author(s) / Creator(s):
Date Published:
Journal Name:
PACIS 2020 Proceedings
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; (, Twenty-fifth Americas Conference on Information Systems)
    Despite that tremendous progress has been made in mobile user authentication (MUA) in recent years, continuous mobile user authentication (CMUA), in which authentication is performed continuously after initial login, remains under studied. In addition, although one-handed interaction with a mobile device becomes increasingly common, one-handed CMUA has never been investigated in the literature. There is a lack of investigation of the CMUA performance between one-handed and two-handed interactions. To fill the literature gap, we developed a new CMUA method based on touch dynamics of thumb scrolling on the touchscreen of a mobile device. We developed a mobile app of the proposed CMUA method and evaluated its effectiveness with data collected from a user study. The findings have implications for the design of effective CMUA using touch dynamics and for improvement of accessibility and usability of MUA mechanisms. 
    more » « less
  2. ; ; (, International Journal of Human–Computer Interaction)
    Assistive technology is extremely important for maintaining and improving the elderly’s quality of life. Biometrics-based mobile user authentication (MUA) methods have witnessed rapid development in recent years owing to their usability and security benefits. However, there is a lack of a comprehensive review of such methods for the elderly. The primary objective of this research is to analyze the literature on state-of-the-art biometrics-based MUA methods via the lens of elderly users’ accessibility needs. In addition, conducting an MUA user study with elderly participants faces significant challenges, and it remains unclear how the performance of the elderly compares with non-elderly users in biometrics-based MUA. To this end, this research summarizes method design principles for user studies involving elderly participants and reveals the performance of elderly users relative to non-elderly users in biometrics-based MUA. The article also identifies open research issues and provides suggestions for the design of effective and accessible biometrics based MUA methods for the elderly. 
    more » « less
  3. ; ; ; (, IEEE International Conference on Intelligence and Security Informatics (ISI))
    Password-based mobile user authentication is vulnerable to shoulder-surfing. Despite the increasing research on user password entry behavior and mobile security, there is limited understanding of how an adversary identifies a password through shoulder-surfing during mobile authentication. This study empirically examines the behaviors and strategies of password identification through shoulder-surfing with multiple observation attempts and from different observation distances. The results of analyzing data collected from a user study reveal the strategies and dynamics of password identification behaviors. The findings have implications for enhancing users’ password security and improving the design of mobile authentication methods. 
    more » « less
  4. ; ; ; ; (, Proceedings on Privacy Enhancing Technologies)
    We show a new type of side-channel leakage in which the built-in magnetometer sensor in Apple's mobile devices captures touch events of users. When a conductive material such as the human body touches the mobile device screen, the electric current passes through the screen capacitors generating an electromagnetic field around the touch point. This electromagnetic field leads to a sharp fluctuation in the magnetometer signals when a touch occurs, both when the mobile device is stationary and held in hand naturally. These signals can be accessed by mobile applications running in the background without requiring any permissions. We develop iSTELAN, a three-stage attack, which exploits this side-channel to infer users' application and touch data. iSTELAN translates the magnetometer signals to a binary sequence to reveal users' touch events, exploits touch event patterns to fingerprint the type of application a user is using, and models touch events to identify users' touch event types performed on different applications. We demonstrate the iSTELAN attack on 22 users while using 7 popular app types and show that it achieves an average accuracy of 90% for disclosing touch events, 74% for classifying application type used, and 73% for detecting touch event types. 
    more » « less
  5. (, CVPR Workshop on Computer Vision for Augmented and Virtual Reality)
    null (Ed.)
    Hand-gesture and in-air-handwriting provide ways for users to input information in Augmented Reality (AR) and Virtual Reality (VR) applications where a physical keyboard or a touch screen is unavailable. However, understanding the movement of hands and fingers is challenging, which requires a large amount of data and data-driven models. In this paper, we propose an open research infrastructure named FMKit for in-air-handwriting analysis, which contains a set of Python libraries and a data repository collected from over 180 users with two different types of motion capture sensors. We also present three research tasks enabled by FMKit, including in-air-handwriting based user authentication, user identification, and word recognition, and preliminary baseline performance. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email