NOTE: The following materials are presented for timely dissemination of academic and technical work. Copyright and all other rights therein are reserved by authors and/or other copyright holders. Persoanl use of the following materials is permitted and, however, people using the materials or information are expected to adhere to the terms and constraints invoked by the related copyright.

TDAS: A Touch Dynamics based Multi-Factor Authentication Solution for Mobile Devices


The use of mobile devices in handling our daily activities that involve the storage or access of sensitive data (e.g. on-line banking, paperless prescription services, etc.) is becoming very common. These mobile electronic services typically use a knowledge-based authentication method to authenticate a user (claimed identity). However, this authentication method is vulnerable to several security attacks. To counter the attacks and to make the authentication process more secure, this paper investigates the use of touch dynamics biometrics in conjunction with a PIN-based authentication method, and demonstrates its benefits in terms of strengthening the security of authentication services for mobile device. The investigation has made use of three light-weighted matching functions and a comprehensive reference dataset collected from 150 subjects. The investigative results show that, with this multi-factor authentication approach, even when the PIN is exposed, as much as 9 out of 10 impersonation attempts can be successfully identified. It has also been discovered that the accuracy performance can be increased by combining different feature data types and by increasing the input string length. The novel contributions of this paper are two-fold. Firstly, it describes how a comprehensive experiment is set up to collect touch dynamics biometrics data, and the set of collected data is being made publically available, which may facilitate further research in the problem domain. Secondly, the paper demonstrates how the dataset may be used to strengthen the protection of resources that are accessible via mobile devices.

Click ijpcc2016.pdf for full text .