Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication

Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication

IEEE Transactions on Information Forensics and Security (Vol. 8, No. 1), pages 136-148, 2013 We investigate whether a classifier can continuously authenticate users based on the way they interact with the touchscreen of a smart phone. We propose a set of 30 behavioral touch features that can be extr...

Full description

Saved in:
Bibliographic Details
Main Authors: Frank, Mario, Biedert, Ralf, Ma, Eugene, Martinovic, Ivan, Song, Dawn
Format: Journal Article
Language:English
Published: 08-10-2012
Subjects:
Computer Science - Cryptography and Security
Computer Science - Learning
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:IEEE Transactions on Information Forensics and Security (Vol. 8, No. 1), pages 136-148, 2013 We investigate whether a classifier can continuously authenticate users based on the way they interact with the touchscreen of a smart phone. We propose a set of 30 behavioral touch features that can be extracted from raw touchscreen logs and demonstrate that different users populate distinct subspaces of this feature space. In a systematic experiment designed to test how this behavioral pattern exhibits consistency over time, we collected touch data from users interacting with a smart phone using basic navigation maneuvers, i.e., up-down and left-right scrolling. We propose a classification framework that learns the touch behavior of a user during an enrollment phase and is able to accept or reject the current user by monitoring interaction with the touch screen. The classifier achieves a median equal error rate of 0% for intra-session authentication, 2%-3% for inter-session authentication and below 4% when the authentication test was carried out one week after the enrollment phase. While our experimental findings disqualify this method as a standalone authentication mechanism for long-term authentication, it could be implemented as a means to extend screen-lock time or as a part of a multi-modal biometric authentication system.
DOI:10.48550/arxiv.1207.6231