Dynamic identity verification via keystroke characteristics
International Journal of Man-Machine Studies
Person Identification Using Multiple Cues
IEEE Transactions on Pattern Analysis and Machine Intelligence
Usability and biometric verification at the ATM interface
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Authenticating mobile phone users using keystroke analysis
International Journal of Information Security
The design and analysis of graphical passwords
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Do background images improve "draw a secret" graphical passwords?
Proceedings of the 14th ACM conference on Computer and communications security
Understanding user perspectives on biometric technology
Communications of the ACM - Enterprise information integration: and other tools for merging data
Cell Phones Personal Authentication Systems Using Multimodal Biometrics
ICIAR '08 Proceedings of the 5th international conference on Image Analysis and Recognition
PassShapes: utilizing stroke based authentication to increase password memorability
Proceedings of the 5th Nordic conference on Human-computer interaction: building bridges
The use of passwords for controlling access to remote computer systems and services
AFIPS '77 Proceedings of the June 13-16, 1977, national computer conference
Can i borrow your phone?: understanding concerns when sharing mobile phones
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Look into my eyes!: can you guess my password?
Proceedings of the 5th Symposium on Usable Privacy and Security
Implicit User Re-authentication for Mobile Devices
UIC '09 Proceedings of the 6th International Conference on Ubiquitous Intelligence and Computing
ePet: when cellular phone learns to recognize its owner
Proceedings of the 2nd ACM workshop on Assurable and usable security configuration
Multi-touch authentication on tabletops
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Implicit authentication for mobile devices
HotSec'09 Proceedings of the 4th USENIX conference on Hot topics in security
Authentication in the clouds: a framework and its application to mobile users
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
A location based security framework for authenticating mobile phones
Proceedings of the 2nd International Workshop on Middleware for Pervasive Mobile and Embedded Computing
Smudge attacks on smartphone touch screens
WOOT'10 Proceedings of the 4th USENIX conference on Offensive technologies
Implicit authentication through learning user behavior
ISC'10 Proceedings of the 13th international conference on Information security
Combining biometric evidence for person authentication
ASB'03 Proceedings of the 1st international conference on Advanced Studies in Biometrics
Making graphic-based authentication secure against smudge attacks
Proceedings of the 2013 international conference on Intelligent user interfaces
Continuous Remote Mobile Identity Management Using Biometric Integrated Touch-Display
MICROW '12 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops
Back-of-device authentication on smartphones
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
ACM Transactions on Accessible Computing (TACCESS)
Know your enemy: the risk of unauthorized access in smartphones by insiders
Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services
Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services
Proceedings of the 19th annual international conference on Mobile computing & networking
Exploring the design space of graphical passwords on smartphones
Proceedings of the Ninth Symposium on Usable Privacy and Security
SilentSense: silent user identification via touch and movement behavioral biometrics
Proceedings of the 19th annual international conference on Mobile computing & networking
When kids' toys breach mobile phone security
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
User identification using raw sensor data from typing on interactive displays
Proceedings of the 19th international conference on Intelligent User Interfaces
Towards application-centric implicit authentication on smartphones
Proceedings of the 15th Workshop on Mobile Computing Systems and Applications
TIPS: context-aware implicit user identification using touch screen in uncontrolled environments
Proceedings of the 15th Workshop on Mobile Computing Systems and Applications
Electronic Commerce Research
Hi-index | 0.01 |
Password patterns, as used on current Android phones, and other shape-based authentication schemes are highly usable and memorable. In terms of security, they are rather weak since the shapes are easy to steal and reproduce. In this work, we introduce an implicit authentication approach that enhances password patterns with an additional security layer, transparent to the user. In short, users are not only authenticated by the shape they input but also by the way they perform the input. We conducted two consecutive studies, a lab and a long-term study, using Android applications to collect and log data from user input on a touch screen of standard commercial smartphones. Analyses using dynamic time warping (DTW) provided first proof that it is actually possible to distinguish different users and use this information to increase security of the input while keeping the convenience for the user high.