TY - JOUR
T1 - TDAS
T2 - a touch dynamics based multi-factor authentication solution for mobile devices
AU - Teh, Pin Shen
AU - Zhang, Ning
AU - Teoh, Andrew Beng Jin
AU - Chen, Ke
N1 - Publisher Copyright:
© 2016, © Emerald Group Publishing Limited.
Copyright:
Copyright 2016 Elsevier B.V., All rights reserved.
PY - 2016
Y1 - 2016
N2 - Purpose–The use of mobile devices in handling our daily activities that involve the storage or access of sensitive data (e.g. on-line banking, paperless prescription services, etc.) is becoming very common. These mobile electronic services typically use a knowledge-based authentication method to authenticate a user (claimed identity). However, this authentication method is vulnerable to several security attacks. To counter the attacks and to make the authentication process more secure, this paper aims to investigate the use of touch dynamics biometrics in conjunction with a personal identification number (PIN)-based authentication method, and demonstrate its benefits in terms of strengthening the security of authentication services for mobile devices. Design/methodology/approach–The investigation has made use of three light-weighted matching functions and a comprehensive reference data set collected from 150 subjects. Findings–The investigative results show that, with this multi-factor authentication approach, even when the PIN is exposed, as much as nine out of ten impersonation attempts can be successfully identified. It has also been discovered that the accuracy performance can be increased by combining different feature data types and by increasing the input string length. Originality/value–The novel contributions of this paper are twofold. Firstly, it describes how a comprehensive experiment is set up to collect touch dynamics biometrics data, and the set of collected data is being made publically available, which may facilitate further research in the problem domain. Secondly, the paper demonstrates how the data set may be used to strengthen the protection of resources that are accessible via mobile devices.
AB - Purpose–The use of mobile devices in handling our daily activities that involve the storage or access of sensitive data (e.g. on-line banking, paperless prescription services, etc.) is becoming very common. These mobile electronic services typically use a knowledge-based authentication method to authenticate a user (claimed identity). However, this authentication method is vulnerable to several security attacks. To counter the attacks and to make the authentication process more secure, this paper aims to investigate the use of touch dynamics biometrics in conjunction with a personal identification number (PIN)-based authentication method, and demonstrate its benefits in terms of strengthening the security of authentication services for mobile devices. Design/methodology/approach–The investigation has made use of three light-weighted matching functions and a comprehensive reference data set collected from 150 subjects. Findings–The investigative results show that, with this multi-factor authentication approach, even when the PIN is exposed, as much as nine out of ten impersonation attempts can be successfully identified. It has also been discovered that the accuracy performance can be increased by combining different feature data types and by increasing the input string length. Originality/value–The novel contributions of this paper are twofold. Firstly, it describes how a comprehensive experiment is set up to collect touch dynamics biometrics data, and the set of collected data is being made publically available, which may facilitate further research in the problem domain. Secondly, the paper demonstrates how the data set may be used to strengthen the protection of resources that are accessible via mobile devices.
UR - http://www.scopus.com/inward/record.url?scp=84976443887&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84976443887&partnerID=8YFLogxK
U2 - 10.1108/IJPCC-01-2016-0005
DO - 10.1108/IJPCC-01-2016-0005
M3 - Article
AN - SCOPUS:84976443887
VL - 12
SP - 127
EP - 153
JO - International Journal of Pervasive Computing and Communications
JF - International Journal of Pervasive Computing and Communications
SN - 1742-7371
IS - 1
ER -