Abstract:
Mobile devices such as smartphones have until now been protected by traditional authentication methods, including
passwords or pattern locks. These authentication mechanisms are difficult to remember and are often disabled, leaving
the device vulnerable if stolen. This paper investigates the possibility of unobtrusive, continuous authentication for
smartphones based on biometric data collected using a touchscreen. The possibility of authenticating users on a
smartphone was evaluated by conducting an experiment simulating real-world touch interaction. Touch data was
collected from 30 participants during normal phone use. The touch features were analysed in terms of the information
provided for authentication. It was found that features such as finger pressure, location of touch interaction and shape
of the finger were important discriminators for authentication. The touch data was also analysed using two classification
algorithms to measure the authentication accuracy. The results show that touch data is sufficiently distinct between
users to be used in authentication without disrupting normal touch interaction. It is also shown that the raw touch data
was more effective in authentication than the aggregated gesture data.