TouchIn: Sightless two-factor authentication on multi-touch mobile devices

Jingchao Sun; Rui Zhang; Jinxue Zhang; Yanchao Zhang

doi:10.1109/CNS.2014.6997513

TouchIn: Sightless two-factor authentication on multi-touch mobile devices

Jingchao Sun, Rui Zhang, Jinxue Zhang, Yanchao Zhang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

43 Scopus citations

Abstract

Mobile authentication is indispensable for preventing unauthorized access to multi-touch mobile devices. Existing mobile authentication techniques are often cumbersome to use and also vulnerable to shoulder-surfing and smudge attacks. This paper focuses on designing, implementing, and evaluating TouchIn, a two-factor authentication system on multi-touch mobile devices. TouchIn works by letting a user draw on the touchscreen with one or multiple fingers to unlock his mobile device, and the user is authenticated based on the geometric properties of his drawn curves as well as his behavioral and physiological characteristics. TouchIn allows the user to draw on arbitrary regions on the touchscreen without looking at it. This nice sightless feature makes TouchIn very easy to use and also robust to shoulder-surfing and smudge attacks. Comprehensive experiments on Android devices confirm the high security and usability of TouchIn.

Original language	English (US)
Title of host publication	2014 IEEE Conference on Communications and Network Security, CNS 2014
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	436-444
Number of pages	9
ISBN (Electronic)	9781479958900
DOIs	https://doi.org/10.1109/CNS.2014.6997513
State	Published - Dec 23 2014
Event	2014 IEEE Conference on Communications and Network Security, CNS 2014 - San Francisco, United States Duration: Oct 29 2014 → Oct 31 2014

Publication series

Name	2014 IEEE Conference on Communications and Network Security, CNS 2014

Other

Other	2014 IEEE Conference on Communications and Network Security, CNS 2014
Country/Territory	United States
City	San Francisco
Period	10/29/14 → 10/31/14

ASJC Scopus subject areas

Computer Networks and Communications

Access to Document

10.1109/CNS.2014.6997513

Cite this

Sun, J., Zhang, R., Zhang, J., & Zhang, Y. (2014). TouchIn: Sightless two-factor authentication on multi-touch mobile devices. In 2014 IEEE Conference on Communications and Network Security, CNS 2014 (pp. 436-444). [6997513] (2014 IEEE Conference on Communications and Network Security, CNS 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CNS.2014.6997513

TouchIn: Sightless two-factor authentication on multi-touch mobile devices. / Sun, Jingchao; Zhang, Rui; Zhang, Jinxue et al.
2014 IEEE Conference on Communications and Network Security, CNS 2014. Institute of Electrical and Electronics Engineers Inc., 2014. p. 436-444 6997513 (2014 IEEE Conference on Communications and Network Security, CNS 2014).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Sun, J, Zhang, R, Zhang, J & Zhang, Y 2014, TouchIn: Sightless two-factor authentication on multi-touch mobile devices. in 2014 IEEE Conference on Communications and Network Security, CNS 2014., 6997513, 2014 IEEE Conference on Communications and Network Security, CNS 2014, Institute of Electrical and Electronics Engineers Inc., pp. 436-444, 2014 IEEE Conference on Communications and Network Security, CNS 2014, San Francisco, United States, 10/29/14. https://doi.org/10.1109/CNS.2014.6997513

@inproceedings{e5c0a0f07de648b79dc776871f000930,

title = "TouchIn: Sightless two-factor authentication on multi-touch mobile devices",

abstract = "Mobile authentication is indispensable for preventing unauthorized access to multi-touch mobile devices. Existing mobile authentication techniques are often cumbersome to use and also vulnerable to shoulder-surfing and smudge attacks. This paper focuses on designing, implementing, and evaluating TouchIn, a two-factor authentication system on multi-touch mobile devices. TouchIn works by letting a user draw on the touchscreen with one or multiple fingers to unlock his mobile device, and the user is authenticated based on the geometric properties of his drawn curves as well as his behavioral and physiological characteristics. TouchIn allows the user to draw on arbitrary regions on the touchscreen without looking at it. This nice sightless feature makes TouchIn very easy to use and also robust to shoulder-surfing and smudge attacks. Comprehensive experiments on Android devices confirm the high security and usability of TouchIn.",

author = "Jingchao Sun and Rui Zhang and Jinxue Zhang and Yanchao Zhang",

note = "Publisher Copyright: {\textcopyright} 2014 IEEE.; 2014 IEEE Conference on Communications and Network Security, CNS 2014 ; Conference date: 29-10-2014 Through 31-10-2014",

year = "2014",

month = dec,

day = "23",

doi = "10.1109/CNS.2014.6997513",

language = "English (US)",

series = "2014 IEEE Conference on Communications and Network Security, CNS 2014",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "436--444",

booktitle = "2014 IEEE Conference on Communications and Network Security, CNS 2014",

}

TY - GEN

T1 - TouchIn

T2 - 2014 IEEE Conference on Communications and Network Security, CNS 2014

AU - Sun, Jingchao

AU - Zhang, Rui

AU - Zhang, Jinxue

AU - Zhang, Yanchao

PY - 2014/12/23

Y1 - 2014/12/23

N2 - Mobile authentication is indispensable for preventing unauthorized access to multi-touch mobile devices. Existing mobile authentication techniques are often cumbersome to use and also vulnerable to shoulder-surfing and smudge attacks. This paper focuses on designing, implementing, and evaluating TouchIn, a two-factor authentication system on multi-touch mobile devices. TouchIn works by letting a user draw on the touchscreen with one or multiple fingers to unlock his mobile device, and the user is authenticated based on the geometric properties of his drawn curves as well as his behavioral and physiological characteristics. TouchIn allows the user to draw on arbitrary regions on the touchscreen without looking at it. This nice sightless feature makes TouchIn very easy to use and also robust to shoulder-surfing and smudge attacks. Comprehensive experiments on Android devices confirm the high security and usability of TouchIn.

AB - Mobile authentication is indispensable for preventing unauthorized access to multi-touch mobile devices. Existing mobile authentication techniques are often cumbersome to use and also vulnerable to shoulder-surfing and smudge attacks. This paper focuses on designing, implementing, and evaluating TouchIn, a two-factor authentication system on multi-touch mobile devices. TouchIn works by letting a user draw on the touchscreen with one or multiple fingers to unlock his mobile device, and the user is authenticated based on the geometric properties of his drawn curves as well as his behavioral and physiological characteristics. TouchIn allows the user to draw on arbitrary regions on the touchscreen without looking at it. This nice sightless feature makes TouchIn very easy to use and also robust to shoulder-surfing and smudge attacks. Comprehensive experiments on Android devices confirm the high security and usability of TouchIn.

UR - http://www.scopus.com/inward/record.url?scp=84921466556&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84921466556&partnerID=8YFLogxK

U2 - 10.1109/CNS.2014.6997513

DO - 10.1109/CNS.2014.6997513

M3 - Conference contribution

AN - SCOPUS:84921466556

T3 - 2014 IEEE Conference on Communications and Network Security, CNS 2014

SP - 436

EP - 444

BT - 2014 IEEE Conference on Communications and Network Security, CNS 2014

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 29 October 2014 through 31 October 2014

ER -

TouchIn: Sightless two-factor authentication on multi-touch mobile devices

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this