TouchIn

Sightless two-factor authentication on multi-touch mobile devices

Jingchao Sun, Rui Zhang, Jinxue Zhang, Yanchao Zhang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

24 Citations (Scopus)

Abstract

Mobile authentication is indispensable for preventing unauthorized access to multi-touch mobile devices. Existing mobile authentication techniques are often cumbersome to use and also vulnerable to shoulder-surfing and smudge attacks. This paper focuses on designing, implementing, and evaluating TouchIn, a two-factor authentication system on multi-touch mobile devices. TouchIn works by letting a user draw on the touchscreen with one or multiple fingers to unlock his mobile device, and the user is authenticated based on the geometric properties of his drawn curves as well as his behavioral and physiological characteristics. TouchIn allows the user to draw on arbitrary regions on the touchscreen without looking at it. This nice sightless feature makes TouchIn very easy to use and also robust to shoulder-surfing and smudge attacks. Comprehensive experiments on Android devices confirm the high security and usability of TouchIn.

Original languageEnglish (US)
Title of host publication2014 IEEE Conference on Communications and Network Security, CNS 2014
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages436-444
Number of pages9
ISBN (Print)9781479958900
DOIs
StatePublished - Dec 23 2014
Event2014 IEEE Conference on Communications and Network Security, CNS 2014 - San Francisco, United States
Duration: Oct 29 2014Oct 31 2014

Other

Other2014 IEEE Conference on Communications and Network Security, CNS 2014
CountryUnited States
CitySan Francisco
Period10/29/1410/31/14

Fingerprint

Mobile devices
Authentication
Touch screens
Experiments

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Sun, J., Zhang, R., Zhang, J., & Zhang, Y. (2014). TouchIn: Sightless two-factor authentication on multi-touch mobile devices. In 2014 IEEE Conference on Communications and Network Security, CNS 2014 (pp. 436-444). [6997513] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CNS.2014.6997513

TouchIn : Sightless two-factor authentication on multi-touch mobile devices. / Sun, Jingchao; Zhang, Rui; Zhang, Jinxue; Zhang, Yanchao.

2014 IEEE Conference on Communications and Network Security, CNS 2014. Institute of Electrical and Electronics Engineers Inc., 2014. p. 436-444 6997513.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Sun, J, Zhang, R, Zhang, J & Zhang, Y 2014, TouchIn: Sightless two-factor authentication on multi-touch mobile devices. in 2014 IEEE Conference on Communications and Network Security, CNS 2014., 6997513, Institute of Electrical and Electronics Engineers Inc., pp. 436-444, 2014 IEEE Conference on Communications and Network Security, CNS 2014, San Francisco, United States, 10/29/14. https://doi.org/10.1109/CNS.2014.6997513
Sun J, Zhang R, Zhang J, Zhang Y. TouchIn: Sightless two-factor authentication on multi-touch mobile devices. In 2014 IEEE Conference on Communications and Network Security, CNS 2014. Institute of Electrical and Electronics Engineers Inc. 2014. p. 436-444. 6997513 https://doi.org/10.1109/CNS.2014.6997513
Sun, Jingchao ; Zhang, Rui ; Zhang, Jinxue ; Zhang, Yanchao. / TouchIn : Sightless two-factor authentication on multi-touch mobile devices. 2014 IEEE Conference on Communications and Network Security, CNS 2014. Institute of Electrical and Electronics Engineers Inc., 2014. pp. 436-444
@inproceedings{e5c0a0f07de648b79dc776871f000930,
title = "TouchIn: Sightless two-factor authentication on multi-touch mobile devices",
abstract = "Mobile authentication is indispensable for preventing unauthorized access to multi-touch mobile devices. Existing mobile authentication techniques are often cumbersome to use and also vulnerable to shoulder-surfing and smudge attacks. This paper focuses on designing, implementing, and evaluating TouchIn, a two-factor authentication system on multi-touch mobile devices. TouchIn works by letting a user draw on the touchscreen with one or multiple fingers to unlock his mobile device, and the user is authenticated based on the geometric properties of his drawn curves as well as his behavioral and physiological characteristics. TouchIn allows the user to draw on arbitrary regions on the touchscreen without looking at it. This nice sightless feature makes TouchIn very easy to use and also robust to shoulder-surfing and smudge attacks. Comprehensive experiments on Android devices confirm the high security and usability of TouchIn.",
author = "Jingchao Sun and Rui Zhang and Jinxue Zhang and Yanchao Zhang",
year = "2014",
month = "12",
day = "23",
doi = "10.1109/CNS.2014.6997513",
language = "English (US)",
isbn = "9781479958900",
pages = "436--444",
booktitle = "2014 IEEE Conference on Communications and Network Security, CNS 2014",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - TouchIn

T2 - Sightless two-factor authentication on multi-touch mobile devices

AU - Sun, Jingchao

AU - Zhang, Rui

AU - Zhang, Jinxue

AU - Zhang, Yanchao

PY - 2014/12/23

Y1 - 2014/12/23

N2 - Mobile authentication is indispensable for preventing unauthorized access to multi-touch mobile devices. Existing mobile authentication techniques are often cumbersome to use and also vulnerable to shoulder-surfing and smudge attacks. This paper focuses on designing, implementing, and evaluating TouchIn, a two-factor authentication system on multi-touch mobile devices. TouchIn works by letting a user draw on the touchscreen with one or multiple fingers to unlock his mobile device, and the user is authenticated based on the geometric properties of his drawn curves as well as his behavioral and physiological characteristics. TouchIn allows the user to draw on arbitrary regions on the touchscreen without looking at it. This nice sightless feature makes TouchIn very easy to use and also robust to shoulder-surfing and smudge attacks. Comprehensive experiments on Android devices confirm the high security and usability of TouchIn.

AB - Mobile authentication is indispensable for preventing unauthorized access to multi-touch mobile devices. Existing mobile authentication techniques are often cumbersome to use and also vulnerable to shoulder-surfing and smudge attacks. This paper focuses on designing, implementing, and evaluating TouchIn, a two-factor authentication system on multi-touch mobile devices. TouchIn works by letting a user draw on the touchscreen with one or multiple fingers to unlock his mobile device, and the user is authenticated based on the geometric properties of his drawn curves as well as his behavioral and physiological characteristics. TouchIn allows the user to draw on arbitrary regions on the touchscreen without looking at it. This nice sightless feature makes TouchIn very easy to use and also robust to shoulder-surfing and smudge attacks. Comprehensive experiments on Android devices confirm the high security and usability of TouchIn.

UR - http://www.scopus.com/inward/record.url?scp=84921466556&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84921466556&partnerID=8YFLogxK

U2 - 10.1109/CNS.2014.6997513

DO - 10.1109/CNS.2014.6997513

M3 - Conference contribution

SN - 9781479958900

SP - 436

EP - 444

BT - 2014 IEEE Conference on Communications and Network Security, CNS 2014

PB - Institute of Electrical and Electronics Engineers Inc.

ER -