TOKEN: Trustable Keystroke-Based Authentication for Web-Based Applications on Smartphones

Nauman, Mohammad; Ali, Tamleek

doi:10.1007/978-3-642-13365-7_28

Cited by 5 publications

(8 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, using lock patterns as a remote authentication method could result in linkability attacks and user profiling even when using different pseudonyms and patterns as passwords at different services' sites. Nevertheless, architectures have been proposed for authenticating smart phone users to remote web services in a privacy-friendly manner with the use of the previously mentioned Trusted Executing Environment (TEE) [24] [25]. This approach is also being considered within the U-PrIM project, where the existence of such TEE running on the mobile device is assumed, keeping the biometrics data secured under the users' control.…”

Section: Implications and Discussionmentioning

confidence: 99%

“…Specifically, research done on the analysis of keystroke dynamics for identifying users as they type on a mobile phone can be found in [7], [8], [16], [24], [33] and others. One of these studies, [7], considers the dynamics of typed 4-digit PIN codes, in which the researchers achieved an average Equal Error Rate (ERR) 2 of 8.5%.…”

Section: Related Workmentioning

confidence: 99%

“…At the same time, imposing the use of alphanumeric passwords on mobile devices creates the problem that users tend to choose simpler, weaker or repetitive passwords [24], since complicated strong passwords are harder to type on smaller on-screen keyboards. Therefore, suggestions for more unobtrusive methods for authentication on mobile smart phones have emerged as an alternative to typed passwords, such as gait biometrics (achieving an EER of 20.1%) [10] [26], or the unique movement users perform when answering or placing a phone call (EER being between 4.5% and 9.5%) [9].…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Exploring Touch-Screen Biometrics for User Identification on Smart Phones

Angulo

Wästlund

2012

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Abstract. The use of mobile smart devices for storing sensitive information and accessing online services is increasing. At the same time, methods for authenticating users into their devices and online services that are not only secure, but also privacy and user-friendly are needed. In this paper, we present our initial explorations of the use of lock pattern dynamics as a secure and user-friendly two-factor authentication method. We developed an application for the Android mobile platform to collect data on the way individuals draw lock patterns on a touchscreen. Using a Random Forest machine learning classifier this method achieves an average Equal Error Rate (EER) of approximately 10.39%, meaning that lock patterns biometrics can be used for identifying users towards their device, but could also pose a threat to privacy if the users' biometric information is handled outside their control.

show abstract

Section: Implications and Discussionmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Exploring Touch-Screen Biometrics for User Identification on Smart Phones

Angulo

Wästlund

2012

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

show abstract

“…Specifically, most of the www.ijarai.thesai.org research done on the analysis of keystroke dynamics are for identifying users as they type on a mobile phone. Some can be found in [1], [2], [6], [7], [9] and others. One of these studies, [1], considers the dynamics of typed 4-digit PIN codes, in which the researchers achieved an average Equal Error Rate (ERR) 2 of 8.5%.…”

Section: Related Literaturementioning

confidence: 99%

“…Imposing the use of alphanumeric passwords on mobile devices creates the problem that users tend to choose simpler, weaker or repetitive passwords [7], since complicated strong passwords are harder to type on smaller on-screen keyboards. Therefore, suggestions for more unobtrusive methods for authentication on mobile smart phones have emerged as an alternative to typed passwords, such as gait biometrics (achieving an EER of 20.1%) [4] [8], or the unique movement users perform when answering or placing a phone call (EER being between 4.5% and 9.5%) [3].…”

Section: Related Literaturementioning

confidence: 99%

Pattern of Success Vs. Pattern of Failure: Adaptive Authentication Through Kolmogorov–Smirnov (K-S) Statistics

Hossain¹,

Palaniswamy²,

Challoo³

2016

ijarai

View full text Add to dashboard Cite

Abstract-Smartphones have become a basic necessity in lives of all human beings. Apart from the core functionality of communication, these become a medium for storage of sensitive personal information, financial data and official documents. Hence, there is an inevitable need to emphasize on securing access to such devices considering the nature of data being stored. In addition, accessibility and authentication methods need to secure, robust, and user-friendly. This paper discusses an adaptive authentication mechanism with a nonparametric classification approach, Kolmogorov-Smirnov (K-S) statistic, which is coupled with the use of lock pattern dynamics as a secure and user-friendly two-factor authentication method. The data used for experimental exploration were collected from a systematically programmed Android device to capture the temporal parameters when individuals drew lock patterns on the touch screen. Each user has his individualistic way of drawing the pattern, which is used as the key for identifying imposters from valid users.

show abstract