The pervasive and prevalent use of touch-screen mobile phones in both work and daily life has generated more and more private and sensitive information on those devices. Accordingly, there is an ever-increasing need to improve the security of mobile phones. Recent advances in mobile user authentication technologies mainly focus on entry-point authentication. Although post-login continuous authentication has attracted increasing attention from researchers, none of the previous studies addressed mobile user authentication at both stages simultaneously. In addition, extant authentication systems are subject to the common trade-off between security and usability. To address the above limitations, we propose Harmonized Authentication based on Thumb Stroke dynamics (HATS) that supports both entry-point and post-login mobile user authentication. HATS integrates password, gesture, keystroke, and touch dynamics based authentication methods to address the vulnerabilities of individual methods to certain security attacks. Moreover, HATS supports one-handed thumb stroke based interaction with touch screen mobile phones to improve the usability of authentication systems. We empirically evaluated HATS through controlled lab experiments. The results provide strong evidence that HATS improved both security and usability of mobile user authentication compared with keystroke dynamics based user authentication.
This study is aimed to investigate how the performance of thumb interaction with touch-screen mobile devices via double tap and swipe varies with movement directions of the thumb. A target selection game was used in an empirical study to evaluate users' performance of direction-oriented movements by a thumb on a touch-screen mobile phone in singlehanded interaction. The results revealed that singlehanded swipe outperformed double tap in terms of speed and accuracy. In addition, angle intervals of thumb moving directions influenced thumb movement accuracy, although there was no significant difference in speed among targets presented with three intervals. Particularly, directions with a 36 o interval resulted in the most error-prone task selection for swipe and double tap, and directions with a 45 o interval were more error-prone than directions with a 60 o interval. Finally, directions of thumb movement did not influence how quickly users could perform double tap or swipe in the areas that were comfortable for the thumb, but they had impact on the accuracy of the two operations. The findings of this study provide new insights for research on single-handed interaction and can be used as guidelines to optimize the design of direction-based applications and interfaces for touch-screen mobile phones.
Typing passwords is vulnerable to shoulder-surfing attacks. We proposed a shoulder-surfing resistant scheme embedded in traditional textual passwords in this study. With the proposed scheme, when the password field is on focus, a pattern appears in it as a hint to tell the user how to enter a password. Following the hint, the user needs to skip some characters while typing the password. The characters to be skipped are randomly selected so that an observer will not be able to see the whole password even if the authentication procedure was recorded. We evaluated the proposed scheme in a usability study. Compared to traditional passwords, our scheme achieved a similar level of accuracy while only required marginal additional time to authenticate users. Participants also expressed significantly higher acceptance of the new technique for security-sensitive applications and gave it significantly higher ratings in perceived security, shoulders-surfing resistance, camera-recording resistance, and guessattack resistance.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.