Title

Advanced User Authentication for Mobile Devices

Document Type

Journal Article

Publisher

Elsevier Ltd.

Faculty

Computing, Health and Science

School

School of Computer and Information Science, Centre for Security Research

RAS ID

4596

Comments

This article was originally published as: Clarke, N. L., & Furnell, S. M. (2007). Advanced user authentication for mobile devices. computers & security, 26(2), 109-119. Original available here

Abstract

As mobile devices continue to evolve in terms of the capabilities and services offered, so they introduce additional demands in terms of security. An issue that has traditionally been poorly served is user authentication, with the majority of devices relying upon problematic secret knowledge approaches. This paper proposes the use of more advanced biometric methods as an alternative. After considering the general range of available techniques and their applicability to mobile devices, the discussion focuses upon the concept of keystroke analysis. Results of a practical evaluation are presented based upon the entry of both telephone numbers and text messages on a mobile phone. The findings reveal the technique to have promise for certain users with average error rates below 5%. The paper then proceeds to explain how the accuracy could be further improved by incorporating keystroke analysis within a composite authentication mechanism that utilises a portfolio of authentication techniques to provide robust, accurate and transparent authentication of the user.

 

Link to publisher version (DOI)

http://dx.doi.org/10.1016/j.cose.2006.08.008