Table of Contents Author Guidelines Submit a Manuscript
Mobile Information Systems
Volume 2018, Article ID 2649598, 16 pages
https://doi.org/10.1155/2018/2649598
Review Article

Demystifying Authentication Concepts in Smartphones: Ways and Types to Secure Access

Department of Information Engineering and Computer Science, University of Trento, Trento, Italy

Correspondence should be addressed to Sandeep Gupta; ti.ntinu@atpug.peednas

Received 22 August 2017; Revised 11 December 2017; Accepted 9 January 2018; Published 11 March 2018

Academic Editor: Fabio Gasparetti

Copyright © 2018 Sandeep Gupta et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. Motorola, “Timely achievements,” 2017, https://www.motorola.com/us/about/motorola-history-milestones. View at Google Scholar
  2. N. Triandopoulos, A. Juels, R. L. Rivest, and J. Brainard, Multi-server one-time passcode verification on respective high order and low order passcode portions, 2016.
  3. D. Crouse, H. Han, D. Chandra, B. Barbello, and A. K. Jain, “Continuous authentication of mobile user: fusion of face image and inertial measurement unit data,” in Proceedings of the International Conference on Biometrics (ICB), pp. 135–142, IEEE, Phuket, Thailand, May 2015.
  4. T. Feng, Z. Liu, K.-A. Kwon et al., “Continuous mobile authentication using touchscreen gestures,” in Proceedings of the IEEE Conference on Technologies for Homeland Security (HST), pp. 451–456, IEEE, Waltham, MA, USA, November 2012.
  5. V. M. Patel, R. Chellappa, D. Chandra, and B. Barbello, “Continuous user authentication on mobile devices: recent progress and remaining challenges,” IEEE Signal Processing Magazine, vol. 33, no. 4, pp. 49–61, 2016. View at Publisher · View at Google Scholar · View at Scopus
  6. D. C. Dutt, A. B. Somayaji, and M. J. K. Bingham, System and method for behavioural biometric authentication using program modelling, 2016.
  7. A. De Luca, A. Hang, F. Brudy, C. Lindner, and H. Hussmann, “Touch me once and i know it’s you!: implicit authentication based on touch screen patterns,” in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 987–996, ACM, New York, NY, USA, 2012.
  8. A. Buriro, B. Crispo, F. Del Frari, and K. Wrona, “Hold and sign: a novel behavioral biometrics for smartphone user authentication,” in Proceedings of the 2016 IEEE Security and Privacy Workshops (SPW), pp. 276–285, IEEE, San Jose, CA, USA, May 2016.
  9. A. Buriro, S. Gupta, and B. Crispo, “Evaluation of motion-based touch-typing biometrics in online financial environments,” in Proceedings of the 16th International Conference of the Biometrics Special Interest Group (BIOSIG), Darmstadt, Germany, September 2017.
  10. H. Crawford and K. Renaud, “Understanding user perceptions of transparent authentication on a mobile device,” Journal of Trust Management, vol. 1, no. 1, p. 7, 2014. View at Publisher · View at Google Scholar
  11. B. Causey, “Adaptive authentication: an introduction to risk-based authentication,” 2013, http://searchsecurity.techtarget.com/tip/Adaptive-authentication-An-introduction-to-risk-based-authentication. View at Google Scholar
  12. I. Traore, I. Woungang, M. S. Obaidat, Y. Nakkabi, and I. Lai, “Online risk-based authentication using behavioral biometrics,” Multimedia tools and applications, vol. 71, no. 2, pp. 575–605, 2014. View at Publisher · View at Google Scholar · View at Scopus
  13. M. B. Ayed, Method for adaptive authentication using a mobile device, 2014.
  14. F. B. Schneider, “Something you know, have, or are,” 2005, https://www.cs.cornell.edu/courses/cs513/2005fa/NNLauthPeople.html. View at Google Scholar
  15. N. Forsblom, “Were you aware of all these sensors in your smartphone?” 2015, https://blog.adtile.me/2015/11/12/were-you-aware-of-all-these-sensors-in-your-smartphone/. View at Google Scholar
  16. A. Buriro, “Behavioral biometrics for smartphone user authentication,” University of Trento, Trento, Italy, 2017, Ph.D. thesis. View at Google Scholar
  17. W. Meng, D. S. Wong, S. Furnell, and J. Zhou, “Surveying the development of biometric user authentication on mobile phones,” IEEE Communications Surveys & Tutorials, vol. 17, no. 3, pp. 1268–1293, 2015. View at Publisher · View at Google Scholar · View at Scopus
  18. J. Roth, X. Liu, A. Ross, and D. Metaxas, “Biometric authentication via keystroke sound,” in Proceedings of the International Conference on Biometrics (ICB), pp. 1–8, IEEE, Madrid, Spain, June 2013.
  19. E. Bertino, C. Bettini, E. Ferrari, and P. Samarati, “An access control model supporting periodicity constraints and temporal reasoning,” ACM Transactions on Database Systems, vol. 23, no. 3, pp. 231–285, 1998. View at Publisher · View at Google Scholar
  20. F. Feldmann, Binding Credentials: Securing (SSO) Authentication, Ruhr University Bochum, Bochum, Germany, 2016.
  21. HuntingtonVentures, “Single sign on: the business of authentication,” 2006, https://archive.is/20140315095827/. View at Google Scholar
  22. A. Salazar, “SSO vs. centralized authentication,” 2014, https://stormpath.com/blog/sso-vs-centralized-auth. View at Google Scholar
  23. VMware, “VMware identity manager documentation center,” 2017, https://pubs.vmware.com/vidm/index.jsp?topic=%2Fcom.vmware.wsair-administration%2FGUID-1E5128A5-1394-4A50-8098-947780E38166.html. View at Google Scholar
  24. Google, “G suite: single sign-on on an android device,” 2016, https://support.google.com/a/users/answer/2758865?hl=en. View at Google Scholar
  25. R. Ritchie, D. Rubino, K. Michaluk, and P. Nickinson, “The future of authentication: Biometrics, multi-factor, and co-dependency,” 2013, https://www.androidcentral.com/talk-mobile/future-authentication-biometrics-multi-factor-and-co-dependency-talk-mobile. View at Google Scholar
  26. M. Stanislav, Two-Factor Authentication, IT Governance Ltd., Ely, UK, 2015.
  27. D. G. Warnock and C. C. Peck, “A roadmap for biomarker qualification,” Nature biotechnology, vol. 28, no. 5, pp. 444-445, 2010. View at Publisher · View at Google Scholar · View at Scopus
  28. X. Ren and X.-W. Wu, “A novel dynamic user authentication scheme,” in Proceedings of the International Symposium on Communications and Information Technologies (ISCIT), pp. 713–717, IEEE, Gold Coast, QLD, Australia, October 2012.
  29. I. Traoré and A. A. E. Ahmed, Introduction to Continuous Authentication, in Continuous Authentication Using Biometrics: Data, Models, and Metrics: Data, Models, and Metrics, University of Victoria, Victoria, BC Canada, 2011.
  30. M. Frank, R. Biedert, E. Ma, I. Martinovic, and D. Song, “Touchalytics: on the applicability of touchscreen input as a behavioral biometric for continuous authentication,” IEEE Transactions on Information Forensics and Security, vol. 8, no. 1, pp. 136–148, 2013. View at Publisher · View at Google Scholar · View at Scopus
  31. A. Buriro, B. Crispo, and Y. Zhauniarovich, “Please hold on: unobtrusive user authentication using smartphone’s built-in sensors,” in Proceedings of the IEEE International Conference on Identity, Security and Behavior Analysis (ISBA), pp. 1–8, IEEE, New Delhi, India, February 2017.
  32. Wikipedia, “Risk-based authentication,” 2017, https://en.wikipedia.org/wiki/Risk-based_authentication. View at Google Scholar
  33. A. J. Harris and D. C. Yen, “Biometric authentication: assuring access to information,” Information Management & Computer Security, vol. 10, no. 1, pp. 12–19, 2002. View at Publisher · View at Google Scholar · View at Scopus
  34. NuData Security, “What is risk based authentication?” 2017, https://nudatasecurity.com/blog/ecommerce/what-is-risk-based-authentication/. View at Google Scholar
  35. R. Hulsebosch, M. S. Bargh, G. Lenzini, P. Ebben, and S. M. Iacob, “Context sensitive adaptive authentication,” in Proceedings of the European Conference on Smart Sensing and Context, pp. 93–109, Springer, Kendal, UK, October 2007.
  36. RSA, “RSA adaptive authentication system,” 2017, https://www.rsa.com/content/dam/rsa/PDF/h9096-rsa-risk-engine-sb-11-2.pdf. View at Google Scholar
  37. A. K. Jain, S. Pankanti, S. Prabhakar, L. Hong, and A. Ross, “Biometrics: a grand challenge,” in Proceedings of the 17th International Conference on Pattern Recognition (ICPR), vol. 2, pp. 935–942, IEEE, Cambridge, UK, August 2004.
  38. A. Jain, K. Nandakumar, and A. Ross, “Score normalization in multimodal biometric systems,” Pattern Recognition, vol. 38, no. 12, pp. 2270–2285, 2005. View at Publisher · View at Google Scholar · View at Scopus
  39. A. Ross and A. Jain, “Information fusion in biometrics,” Pattern recognition letters, vol. 24, no. 13, pp. 2115–2125, 2003. View at Publisher · View at Google Scholar · View at Scopus
  40. C. Braz and J.-M. Robert, “Security and usability: the case of the user authentication methods,” in Proceedings of the 18th Conference on l’Interaction Homme-Machine, pp. 199–203, ACM, New York, NY, USA, 2006.
  41. K.-P. Yee, “User interaction design for secure systems,” in Proceedings of the 4th International Conference on Information and Communications Security, pp. 278–290, Singapore, December 2002.
  42. Microsoft, “Key principles of software architecture,” 2018, https://msdn.microsoft.com/en-us/library/ee658124.aspx. View at Google Scholar
  43. J. Brooke, SUS-A Quick and Dirty Usability Scale: Usability Evaluation in Industry, Taylor and Francis, Oxford, UK, 1996.
  44. Usability, “System usability scale (sus),” 2017, https://www.usability.gov/how-to-and-tools/methods/system-usability-scale.html. View at Google Scholar
  45. M. F. Theofanos, R. J. Micheals, and B. C. Stanton, “Biometrics systems include users,” IEEE Systems Journal, vol. 3, no. 4, pp. 461–468, 2009. View at Publisher · View at Google Scholar · View at Scopus
  46. ISO, Human-Centred Design Processes for Interactive Systems, International Organization for Standardization, Geneva, Switzerland, 1999.
  47. M. A. Sasse, “Red-eye blink, bendy shuffle, and the yuck factor: a user experience of biometric airport systems,” IEEE Security & Privacy, vol. 5, no. 3, pp. 78–81, 2007. View at Publisher · View at Google Scholar · View at Scopus
  48. M. Harbach, E. Von Zezschwitz, A. Fichtner, A. De Luca, and M. Smith, “It’s a hard lock life: a field study of smartphone (un) locking behavior and risk perception,” in Proceedings of the Symposium on Usable Privacy and Security (SOUPS), pp. 9–11, Menlo Park, CA, USA, July 2014.
  49. A. De Luca, A. Hang, E. Von Zezschwitz, and H. Hussmann, “I feel like I’m taking selfies all day!: towards understanding biometric authentication on smartphones,” in Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, pp. 1411–1414, ACM, New York, NY, USA, 2015.
  50. T. Sloane, “Behavioral biometrics: the restructuring of the authentication landscape,” 2017, https://www.mercatoradvisorygroup.com/Webinars/Behavioral_Biometrics__The_Restructuring_of_the_Authentication_Landscape/. View at Google Scholar
  51. M. Winnick, “Putting a finger on our phone obsession,” 2016, https://blog.dscout.com/mobile-touches. View at Google Scholar
  52. N. Cowan, C. C. Morey, Z. Chen, A. L. Gilchrist, and J. S. Saults, “Theory and measurement of working memory capacity limits,” Psychology of Learning and Motivation, vol. 49, pp. 49–104, 2008. View at Publisher · View at Google Scholar · View at Scopus
  53. J. Zhang, X. Luo, S. Akkaladevi, and J. Ziegelmayer, “Improving multiple-password recall: an empirical study,” European Journal of Information Systems, vol. 18, no. 2, pp. 165–176, 2009. View at Publisher · View at Google Scholar · View at Scopus
  54. A. Adams and M. A. Sasse, “Users are not the enemy,” Communications of the ACM, vol. 42, no. 12, pp. 40–46, 1999. View at Publisher · View at Google Scholar · View at Scopus
  55. M. Awad, Z. Al-Qudah, S. Idwan, and A. H. Jallad, “Password security: password behavior analysis at a small university,” in Proceedings of the 5th International Conference on Electronic Devices, Systems and Applications (ICEDSA), pp. 1–4, IEEE, Ras Al Khaimah, UAE, December 2016.
  56. S. Komanduri, R. Shay, P. G. Kelley et al., “Of passwords and people: measuring the effect of password-composition policies,” in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 2595–2604, ACM, New York, NY, USA, 2011.
  57. J. Bonneau, S. Preibusch, and R. J. Anderson, “A birthday present every eleven wallets? The security of customer-chosen banking pins,” in Proceedings of the 16th International Conference Financial Cryptography and Data Security, vol. 7397, pp. 25–40, Springer, Kralendijk, Bonaire, February-March 2012.
  58. D. Silver, S. Jana, D. Boneh, E. Y. Chen, and C. Jackson, “Password managers: attacks and defenses,” in Proceedings of the 23rd USENIX Security Symposium, pp. 449–464, San Diego, CA, USA, August 2014.
  59. T. Bhattasali, K. Saeed, N. Chaki, and R. Chaki, “A survey of security and privacy issues for biometrics based remote authentication in cloud,” in Proceedings of the IFIP International Conference on Computer Information Systems and Industrial Management, pp. 112–121, Springer, Ho Chi Minh City, Vietnam, November 2014.
  60. PandaSecurities, “No password? You’re asking to be hacked,” 2016, https://www.pandasecurity.com/mediacenter/tips/smartphone-risk-dont-use-password. View at Google Scholar
  61. C. Katsini, M. Belk, C. Fidas, N. Avouris, and G. Samaras, “Security and usability in knowledge-based user authentication: a review,” in Proceedings of the 20th Pan-Hellenic Conference on Informatics, p. 63, ACM, Patras, Greece, November 2016.
  62. J. K. Thorpe, On the Predictability and Security of User Choice in Passwords, Carleton University, 2008.
  63. Secure Group, “Lock pattern, pin, or password: What is the most reliable way to lock a phone,” 2017, https://blog.securegroup.com/lock-pattern-pin-or-password-what-is-the-most-reliable-way-to-lock-a-phone. View at Google Scholar
  64. G. Ye, Z. Tang, D. Fang et al., “Cracking android pattern lock in five attempts,” in Proceedings of the Network and Distributed System Security Symposium, San Diego, CA, USA, February-March 2017.
  65. F. Tari, A. Ozok, and S. H. Holden, “A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords,” in Proceedings of the Second Symposium on Usable Privacy and Security, pp. 56–66, ACM, Pittsburgh, PA, USA, July 2006.
  66. A. J. Aviv, K. L. Gibson, E. Mossop, M. Blaze, and J. M. Smith, Smudge Attacks on Smartphone Touch Screens, vol. 10, Woot, Carrollton, TX, USA, 2010.
  67. X. Suo, Y. Zhu, and G. S. Owen, “Graphical passwords: a survey,” in Proceedings of the 21st Annual Computer Security Applications Conference, p. 10, IEEE, Tucson, AZ, USA, December 2005.
  68. CAPEC-Release1.6, “Common attack pattern enumeration and classification,” 2016, http://capec.mitre.org. View at Google Scholar
  69. M. Mehrnezhad, E. Toreini, S. F. Shahandashti, and F. Hao, “Stealing pins via mobile sensors: actual risk versus user perception,” International Journal of Information Security, pp. 1–23, 2016. View at Google Scholar
  70. A. Sarkisyan, R. Debbiny, and A. Nahapetian, “Wristsnoop: smartphone pins prediction using smartwatch motion sensors,” IEEE, pp. 1–6.
  71. F. Breitinger and C. Nickel, “User survey on phone security and usage,” in Proceedings of the Biometrics and Electronic Signatures (BIOSIG), pp. 139–144, Darmstadt, Germany, September 2010.
  72. M. Meeker and L. Wu, “Kleiner Perkins Caufield and Byers (KPCB): internet trends,” 2017, http://www.kpcb.com/internet-trends. View at Google Scholar
  73. H. Choi, H. Kwon, and J. Hur, “A secure OTP algorithm using a smartphone application,” in Proceedings of the Seventh International Conference on Ubiquitous and Future Networks (ICUFN), pp. 476–481, IEEE, Sapporo, Japan, July 2015.
  74. H. Sun, K. Sun, Y. Wang, and J. Jing, “TrustOTP: transforming smartphones into secure one-time password tokens,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 976–988, ACM, Denver, CO, USA, October 2015.
  75. B. Cha, N. Kim, and J. Kim, “Prototype analysis of OTP key-generation based on mobile device using voice characteristics,” in Proceedings of the International Conference on Information Science and Applications (ICISA), pp. 1–5, IEEE, Jeju, Korea, April 2011.
  76. Verizon, “How long since you took a hard look at your cybersecurity?” 2017, http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017. View at Google Scholar
  77. I. Agadakos, C.-Y. Chen, M. Campanelli et al., Jumping the Air Gap: Modeling Cyber-Physical a Ack Paths in the Internet-of-Things, ACM, New York, NY, USA, 2017.
  78. M. Fomichev, F. Alvarez, D. Steinmetzer, P. Gardner-Stephen, and M. Hollick, “Survey and systematization of secure device pairing,” IEEE Communications Surveys & Tutorials, vol. 20, no. 1, pp. 517–550, 2018. View at Publisher · View at Google Scholar · View at Scopus
  79. M. Belk, P. Germanakos, C. Fidas, and G. Samaras, “A personalization method based on human factors for improving usability of user authentication tasks,” in Proceedings of International Conference on User Modeling, Adaptation, and Personalization, pp. 13–24, Springer, Aalborg, Denmark, July 2014.
  80. M.-C. Chuang and M. C. Chen, “An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics,” Expert Systems with Applications, vol. 41, no. 4, pp. 1411–1418, 2014. View at Publisher · View at Google Scholar · View at Scopus
  81. K. Krol, E. Philippou, E. De Cristofaro, and M. A. Sasse, ““They brought in the horrible key ring thing!” Analysing the usability of two-factor authentication in UK online banking,” arXiv preprint arXiv:1501.04434, 2015. View at Google Scholar
  82. T. Zink and M. Waldvogel, “X. 509 user certificate-based two-factor authentication for web applications,” in Proceedings of the 10. DFN-Forum Kommunikationstechnologien, pp. 51–61, Berlin, Germany, May 2017.
  83. K. J. Heffernan, F. Vetere, L. M. Britton, B. Semaan, and T. Schiphorst, “Insertable digital devices: voluntarily under the skin,” in Proceedings of the 2016 ACM Conference Companion Publication on Designing Interactive Systems, pp. 85–88, ACM, Brisbane, QLD, Australia, June 2016.
  84. P. Strohmeier, C. Honnet, and S. Von Cyborg, “Developing an ecosystem for interactive electronic implants,” in Proceedings of the Conference on Biomimetic and Biohybrid Systems, pp. 518–525, Springer, Edinburgh, UK, July 2016.
  85. M. Janiak, C. Schaub, D. Lynam, B. Howe, G. Wachter, and G. Krueger, Biometric authentication device for use with a personal digital assistant, 2001.
  86. K. J. Heffernan, “Insertables workshop,” 2016, https://insertables.wordpress.com/. View at Google Scholar
  87. TechTarget, “Bespoke,” 2017, http://whatis.techtarget.com/definition/bespoke. View at Google Scholar
  88. M. Gupta, C. Holloway, B. M. Heravi, and S. Hailes, “A comparison between smartphone sensors and bespoke sensor devices for wheelchair accessibility studies,” in Proceedings of the IEEE 10th International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP), pp. 1–6, IEEE, Singapore, April 2015.
  89. First4magnets, “Use of neodymium magnets,” 2016, https://www.first4magnets.com/tech-centre-i61/information-and-articles-i70/neodymium-magnet-information-i82/common-applications-of-neodymium-magnets-i88. View at Google Scholar
  90. P. Urien and S. Piramuthu, “Framework and authentication protocols for smartphone, NFC, and RFID in retail transactions,” in Proceedings of the IEEE 8th International Conference on Intelligent Sensors, Sensor Networks and Information Processing, pp. 77–82, IEEE, Melbourne, VIC, Australia, April 2013.
  91. I. J. Forster and A. N. Farr, Method for preventing unauthorized diversion of nfc tags, 2017.
  92. H. Hassan, S. Wacquant, and H. B. Seifert, Vehicle driver monitoring system, 2017.
  93. M. Cuff, “Smart digital tattoos,” 2014, http://www.stylus.com/scckpj. View at Google Scholar
  94. K. J. Heffernan, F. Vetere, and S. Chang, “Towards insertables: devices inside the human body,” First Monday, vol. 22, no. 3, 2017. View at Publisher · View at Google Scholar · View at Scopus
  95. R. M. Bolle, J. H. Connell, S. Pankanti, N. K. Ratha, and A. W. Senior, Guide To Biometrics, Springer Science & Business Media, Berlin, Germany, 2013.
  96. R. Ramachandra and C. Busch, “Presentation attack detection methods for face recognition systems: a comprehensive survey,” ACM Computing Surveys, vol. 50, no. 1, pp. 1–37, 2017. View at Publisher · View at Google Scholar · View at Scopus
  97. A. K. Jain, K. Nandakumar, and A. Ross, “50 years of biometric research: accomplishments, challenges, and opportunities,” Pattern Recognition Letters, vol. 79, pp. 80–105, 2016. View at Publisher · View at Google Scholar · View at Scopus
  98. A. Hadid, N. Evans, S. Marcel, and J. Fierrez, “Biometrics systems under spoofing attack: an evaluation methodology and lessons learned,” IEEE Signal Processing Magazine, vol. 32, no. 5, pp. 20–30, 2015. View at Publisher · View at Google Scholar · View at Scopus
  99. S. Kovach, “Business insider-Samsung’s Galaxy S8 facial recognition feature can be fooled with a photo,” 2017, http://www.businessinsider.com/samsung-galaxy-s8-facial-recognition-tricked-with-a-photo-2017-3?IR=T. View at Google Scholar
  100. J. Titcomb, “Hackers claim to beat iPhone X’s face id in one week with 115 mask,” 2017, http://www.telegraph.co.uk/technology/2017/11/13/hackers-beat-iphone-xs-face-one-week-115-mask/. View at Google Scholar
  101. H. Saevanee, N. Clarke, S. Furnell, and V. Biscione, “Continuous user authentication using multi-modal biometrics,” Computers & Security, vol. 53, pp. 234–246, 2015. View at Publisher · View at Google Scholar · View at Scopus
  102. A. Hern, “The guardian-Samsung Galaxy S8 iris scanner fooled by German hackers,” 2017, https://www.theguardian.com/technology/2017/may/23/samsung-galaxy-s8-iris-scanner-german-hackers-biometric-security. View at Google Scholar
  103. A. Charles, “The guardian-iPhone 5S fingerprint sensor hacked by Germany’s Chaos Computer Club,” 2013, https://www.theguardian.com/technology/2013/sep/22/apple-iphone-fingerprint-scanner-hacked. View at Google Scholar
  104. C. McGoogan and D. Demetriou, “The telegraph-peace sign selfies could let hackers copy your fingerprints,” 2017, http://www.telegraph.co.uk/technology/2017/01/12/peace-sign-selfies-could-let-hackers-copy-fingerprints. View at Google Scholar
  105. C. Bhagavatula, B. Ur, K. Iacovino, S. M. Kywe, L. F. Cranor, and M. Savvides, “Biometric authentication on iPhone and Android: usability, perceptions, and influences on adoption,” in Proceedings of the Workshop on Usable Security (USEC), pp. 1-2, San Diego, CA, USA, January 2015.
  106. A. Jain, R. Bolle, and S. Pankanti, Biometrics: Personal Identification in Networked Society, vol. 479, Springer Science & Business Media, Berlin, Germany, 2006.
  107. M. Kumar, A. Insan, N. Stoll, K. Thurow, and R. Stoll, “Stochastic fuzzy modeling for ear imaging based child identification,” IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 46, no. 9, pp. 1265–1278, 2016. View at Publisher · View at Google Scholar · View at Scopus
  108. M. Sultana, M. Gavrilova, and S. Yanushkevich, “Multi-resolution fusion of DTCWT and DCT for shift invariant face recognition,” in Proceedings of the IEEE International Conference on Systems, Man and Cybernetics (SMC), pp. 80–85, IEEE, Hong Kong, China, October 2014.
  109. Y. Xu, X. Fang, X. Li et al., “Data uncertainty in face recognition,” IEEE transactions on cybernetics, vol. 44, no. 10, pp. 1950–1961, 2014. View at Publisher · View at Google Scholar · View at Scopus
  110. C. Song, A. Wang, K. Ren, and W. Xu, “EyeVeri: a secure and usable approach for smartphone user authentication,” in Proceedings of the 35th Annual IEEE International Conference on Computer Communications, IEEE INFOCOM 2016, pp. 1–9, IEEE, San Francisco, CA, USA, April 2016.
  111. IBIA, “Behavioral biometrics,” 2017, https://www.ibia.org/biometrics-and-identity/biometric-technologies/behavioral-biometrics. View at Google Scholar
  112. L. M. Mayron, “Behavioral biometrics for universal access and authentication,” in Proceedings of the International Conference on Universal Access in Human-Computer Interaction, pp. 330–339, Springer, Los Angeles, CA, USA, August 2015.
  113. A. Buriro, B. Crispo, F. Del Frari, J. Klardie, and K. Wrona, “ITSME: multi-modal and unobtrusive behavioural user authentication for smartphones,” in Proceedings of the International Conference on Passwords, pp. 45–61, Springer, Cambridge, UK, December 2015.
  114. A. Buriro, B. Crispo, F. Del Frari, and K. Wrona, “Touchstroke: smartphone user authentication based on touch-typing biometrics,” in Proceedings of the International Conference on Image Analysis and Processing, pp. 27–34, Springer, Genoa, Italy, September 2015.
  115. N. Zheng, K. Bai, H. Huang, and H. Wang, “You are how you touch: user verification on smartphones via tapping behaviors,” in Proceedings of the IEEE 22nd International Conference on Network Protocols (ICNP), pp. 221–232, IEEE, Raleigh, NC, USA, October 2014.
  116. M. Muaaz and R. Mayrhofer, “Smartphone-based gait recognition: from authentication to imitation,” IEEE Transactions on Mobile Computing, vol. 16, no. 11, pp. 3209–3221, 2017. View at Publisher · View at Google Scholar · View at Scopus
  117. M. R. Hestbek, C. Nickel, and C. Busch, “Biometric gait recognition for mobile devices using wavelet transform and support vector machines,” in Proceedings of the 19th International Conference on Systems, Signals and Image Processing (IWSSIP), pp. 205–210, IEEE, Vienna, Austria, April 2012.
  118. A. Muro-De-La-Herran, B. Garcia-Zapirain, and A. Mendez-Zorrilla, “Gait analysis methods: an overview of wearable and non-wearable systems, highlighting clinical applications,” Sensors, vol. 14, no. 12, pp. 3362–3394, 2014. View at Publisher · View at Google Scholar · View at Scopus
  119. M. Sultana, P. P. Paul, and M. L. Gavrilova, “Social behavioral information fusion in multimodal biometrics,” IEEE Transactions on Systems, Man, and Cybernetics: Systems, 2017. View at Publisher · View at Google Scholar
  120. H. Khan, U. Hengartner, and D. Vogel, “Usability and security perceptions of implicit authentication: convenient, secure, sometimes annoying,” in Proceedings of the Symposium on Usable Privacy and Security (SOUPS 2015), pp. 225–239, Santa Clara, CA, USA, July 2015.
  121. N. Poh and J. Korczak, “Hybrid biometric person authentication using face and voice features,” in Proceedings of the 3rd International Conference Audio- and Video-Based Biometric Person Authentication (AVBPA), vol. 1, pp. 348–353, Springer, Halmstad, Sweden, June 2001.
  122. R. Brunelli and D. Falavigna, “Person identification using multiple cues,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 17, no. 10, pp. 955–966, 1995. View at Publisher · View at Google Scholar · View at Scopus
  123. K. Brunet, K. Taam, E. Cherrier, N. Faye, and C. Rosenberger, “Speaker recognition for mobile user authentication: an Android solution,” p. 10.
  124. K. Murao, H. Tobise, T. Terada, T. Iso, M. Tsukamoto, and T. Horikoshi, “Mobile phone user authentication with grip gestures using pressure sensors,” International Journal of Pervasive Computing and Communications, vol. 11, no. 3, pp. 288–301, 2015. View at Publisher · View at Google Scholar · View at Scopus
  125. J. Kittler, J. Matas, K. Jonsson, and M. R. Sánchez, “Combining evidence in personal identity verification systems,” Pattern Recognition Letters, vol. 18, no. 9, pp. 845–852, 1997. View at Publisher · View at Google Scholar
  126. H. Saevanee, N. Clarke, and S. Furnell, “Multi-modal behavioural biometric authentication for mobile devices,” in in Information Security and Privacy Research, pp. 465–474, Springer, Heidelberg, Germany, 2012. View at Google Scholar
  127. Y. Tang, N. Hidenori, and Y. Urano, “User authentication on smart phones using a data mining method,” in Proceedings of the International Conference on Information Society (i-Society), pp. 173–178, IEEE, London, UK, June 2010.
  128. S. M. Welten, Sensing with Smartphones, 2013.
  129. Y. Obuchi, “PDA speech database,” 2006, http://www.speech.cs.cmu.edu/databases/pda/index.html. View at Google Scholar
  130. S. Eberz, K. B. Rasmussen, V. Lenders, and I. Martinovic, “Evaluating behavioral biometrics for continuous authentication: challenges and metrics,” in Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 386–399, ACM, Abu Dhabi, UAE, April 2017.
  131. U. Mahbub, S. Sarkar, V. M. Patel, and R. Chellappa, “Active user authentication for smartphones: a challenge data set and benchmark results,” in Proceedings of the IEEE 8th International Conference on Biometrics Theory, Applications and Systems (BTAS 2016), pp. 1–8, IEEE, Buffalo, NY, USA, September 2016.
  132. A. Stolerman, A. Fridman, R. Greenstadt, P. Brennan, and P. Juola, “Active linguistic authentication revisited: real-time stylometric evaluation towards multi-modal decision fusion,” in Proceedings of the Tenth Annual IFIP WG 11.9 International Conference on Digital Forensics, vol. 11, pp. 1–11, Vienna, Austria, January 2014.
  133. R. P. Guidorizzi, “Security: active authentication,” IT Professional, vol. 15, no. 4, pp. 4–7, 2013. View at Google Scholar
  134. L. Fridman, S. Weber, R. Greenstadt, and M. Kam, “Active authentication on mobile devices via stylometry, application usage, web browsing, and GPS location,” IEEE Systems Journal, vol. 11, no. 2, pp. 513–521, 2017. View at Publisher · View at Google Scholar · View at Scopus
  135. M. L. Brocardo, I. Traore, and I. Woungang, “Toward a framework for continuous authentication using stylometry,” in Proceedings of the IEEE 28th International Conference on Advanced Information Networking and Applications (AINA 2014), pp. 106–115, IEEE, Victoria, Canada, May 2014.
  136. ClearLogin, “Risk-based authentication,” 2017, http://www.clearlogin.com/glossary/risk-based-authentication/. View at Google Scholar
  137. B. Schneier, “Risk-based authentication,” 2013, https://www.schneier.com/blog/archives/2013/11/risk-based_auth.html. View at Google Scholar
  138. Identity Automation, “Risk-based authentication,” 2017, https://www.identityautomation.com/iam-platform/rapididentityidentity-access-management/multi-factor-authentication/risk-based-authentication/. View at Google Scholar
  139. D. Hintze, E. Koch, S. Scholz, and R. Mayrhofer, “Location-based risk assessment for mobile authentication,” in Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct, pp. 85–88, ACM, Heidelberg, Germany, September 2016.
  140. Y. Y. Haimes, Risk Modeling, Assessment, and Management, John Wiley & Sons, Hoboken, NJ, USA, 2015.
  141. IdentityAutomation, “What is adaptive authentication?” 2017, http://blog.identityautomation.com/what-is-adaptive-authentication. View at Google Scholar
  142. A. Jain and A. Kumar, “Biometric recognition: an overview,” in Second Generation Biometrics: The Ethical, Legal and Social Context, E. Mordini and D. Tzovaras, Eds., pp. 49–79, Springer, Dordrecht, Netherlands, 2012. View at Google Scholar
  143. P. P. Paul, M. L. Gavrilova, and R. Alhajj, “Decision fusion for multimodal biometrics using social network analysis,” IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 44, no. 11, pp. 1522–1533, 2014. View at Publisher · View at Google Scholar · View at Scopus