Advanced User Authentication for Mobile Devices

Document Type

Journal Article


Elsevier Ltd.


Computing, Health and Science


School of Computer and Information Science, Centre for Security Research




This article was originally published as: Clarke, N. L., & Furnell, S. M. (2007). Advanced user authentication for mobile devices. computers & security, 26(2), 109-119. Original available here


As mobile devices continue to evolve in terms of the capabilities and services offered, so they introduce additional demands in terms of security. An issue that has traditionally been poorly served is user authentication, with the majority of devices relying upon problematic secret knowledge approaches. This paper proposes the use of more advanced biometric methods as an alternative. After considering the general range of available techniques and their applicability to mobile devices, the discussion focuses upon the concept of keystroke analysis. Results of a practical evaluation are presented based upon the entry of both telephone numbers and text messages on a mobile phone. The findings reveal the technique to have promise for certain users with average error rates below 5%. The paper then proceeds to explain how the accuracy could be further improved by incorporating keystroke analysis within a composite authentication mechanism that utilises a portfolio of authentication techniques to provide robust, accurate and transparent authentication of the user.


Link to publisher version (DOI)