Taxonomy of Biometric-based Authentication Schemes for Mobile Computing Devices

In this paper, we provide a comprehensive review of state-of-the-art results for biometric-based authentication schemes in mobile computing devices. We select and examine twenty biometric-based authentication schemes developed for mobile computing devices. We discuss current issues that hinder biometrics models’ development and deployment on a large scale, including human physiological (e.g., face, eyes, fingerprints-palm, or electrocardiogram) and behavioral features (e.g., signature, voice, gait, or keystroke). Threat models and countermeasures used by biometrics-based authentication schemes for mobile computing devices are also presented. Throughout, we identify the pitfalls and limitations of the existing biometric-based authentication schemes for mobile computing devices. Based on the current taxonomy, we discuss the research problems and outline directions for future research efforts in biometrics-based authentication schemes for mobile devices.

[1]  Daniel González-Jiménez,et al.  Face recognition for authentication on mobile devices , 2016, Image Vis. Comput..

[2]  Ting-Yi Chang,et al.  Two novel biometric features in keystroke dynamics authentication systems for touch screen devices , 2014, Secur. Commun. Networks.

[3]  Senaka Buthpitiya,et al.  Bodyprint: Biometric User Identification on Mobile Devices Using the Capacitive Touchscreen to Scan Body Parts , 2015, CHI.

[4]  Andrea F. Abate,et al.  I-Am: Implicitly Authenticate Me—Person Authentication on Mobile Devices Through Ear Shape and Arm Gesture , 2019, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[5]  Thuc Dinh Nguyen,et al.  Gait authentication on mobile phone using biometric cryptosystem and fuzzy commitment scheme , 2015, International Journal of Information Security.

[6]  Jong Wook Hong,et al.  Combined Authentication-Based Multilevel Access Control in Mobile Application for DailyLifeService , 2010, IEEE Transactions on Mobile Computing.

[7]  Mohamed Amine Ferrag,et al.  A Novel Intrusion Detection Mechanism for SCADA systems which Automatically Adapts to Network Topology Changes , 2017, EAI Endorsed Trans. Ind. Networks Intell. Syst..

[8]  Steven Furnell,et al.  Advanced user authentication for mobile devices , 2007, Comput. Secur..

[9]  Antonios Argyriou,et al.  Security for 4G and 5G Cellular Networks: A Survey of Existing Authentication and Privacy-preserving Schemes , 2017, J. Netw. Comput. Appl..

[10]  Alessandro Neri,et al.  Keystroke dynamics authentication for mobile phones , 2011, SAC.

[11]  Rui Zhang,et al.  Your song your way: Rhythm-based two-factor authentication for multi-touch mobile devices , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[12]  Mohamed Amine Ferrag,et al.  ECPDR: An Efficient Conditional Privacy-Preservation Scheme with Demand Response for Secure Ad hoc Social Communications , 2013, Int. J. Embed. Real Time Commun. Syst..

[13]  Lu Zhou,et al.  I Walk, Therefore I Am: Continuous User Authentication with Plantar Biometrics , 2018, IEEE Communications Magazine.

[14]  Steven Furnell,et al.  Authenticating mobile phone users using keystroke analysis , 2006, International Journal of Information Security.

[15]  Xiong Li,et al.  A robust biometrics based three-factor authentication scheme for Global Mobility Networks in smart city , 2017, Future Gener. Comput. Syst..

[16]  Nasir D. Memon,et al.  Biometric-rich gestures: a novel approach to authentication on multi-touch devices , 2012, CHI.

[17]  Sungzoon Cho,et al.  Keystroke dynamics-based authentication for mobile devices , 2009, Comput. Secur..

[18]  Florian Alt,et al.  GazeTouchPIN: protecting sensitive data on mobile devices using secure multimodal authentication , 2017, ICMI.

[19]  Dawn Xiaodong Song,et al.  Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication , 2012, IEEE Transactions on Information Forensics and Security.

[20]  Sherali Zeadally,et al.  Anonymous biometrics-based authentication scheme with key distribution for mobile multi-server environment , 2017, Future Gener. Comput. Syst..

[21]  Ahmed Ahmim,et al.  ESSPR: an efficient secure routing scheme based on searchable encryption with vehicle proxy re-encryption for vehicular peer-to-peer social network , 2017, Telecommun. Syst..

[22]  Cheng-Chi Lee,et al.  Mobile device integration of a fingerprint biometric remote authentication scheme , 2012, Int. J. Commun. Syst..

[23]  Kwang-Seok Hong,et al.  Multimodal biometric authentication using teeth image and voice in mobile environment , 2008, IEEE Transactions on Consumer Electronics.

[24]  Cheng-Jung Tsai,et al.  A graphical-based password keystroke dynamic authentication system for touch screen handheld mobile devices , 2012, J. Syst. Softw..

[25]  Ahmed Ahmim,et al.  Privacy-Preserving Schemes for Ad Hoc Social Networks: A Survey , 2016, IEEE Communications Surveys & Tutorials.

[26]  Wenyao Xu,et al.  Cardiac Scan: A Non-contact and Continuous Heart-based User Authentication System , 2017, MobiCom.

[27]  Jiankun Hu,et al.  A fingerprint based bio-cryptographic security protocol designed for client/server authentication in mobile computing environment , 2011, Secur. Commun. Networks.

[28]  Duncan S. Wong,et al.  Touch Gestures Based Biometric Authentication Scheme for Touchscreen Mobile Phones , 2012, Inscrypt.

[29]  Peter Corcoran,et al.  Enhancing iris authentication on handheld devices using deep learning derived segmentation techniques , 2018, 2018 IEEE International Conference on Consumer Electronics (ICCE).

[30]  Luisa Verdoliva,et al.  Iris liveness detection for mobile devices based on local descriptors , 2015, Pattern Recognit. Lett..

[31]  Mohamed Amine Ferrag,et al.  Authentication Protocols for Internet of Things: A Comprehensive Survey , 2016, Secur. Commun. Networks.

[32]  Xiaomin Wang,et al.  Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices , 2008 .

[33]  Jinyuan Sun,et al.  Energy-efficient W-layer for behavior-based implicit authentication on mobile devices , 2017, IEEE INFOCOM 2017 - IEEE Conference on Computer Communications.

[34]  Rui Zhang,et al.  TouchIn: Sightless two-factor authentication on multi-touch mobile devices , 2014, 2014 IEEE Conference on Communications and Network Security.

[35]  Rui Liu,et al.  Vocal Resonance , 2018, Proc. ACM Interact. Mob. Wearable Ubiquitous Technol..

[36]  Chun Chen,et al.  A strong user authentication scheme with smart cards for wireless communications , 2011, Comput. Commun..

[37]  Ning Zhang,et al.  A survey on touch dynamics authentication in mobile devices , 2016, Comput. Secur..

[38]  Saraju P. Mohanty,et al.  Swing-Pay: One Card Meets All User Payment and Identity Needs: A Digital Card Module using NFC and Biometric Authentication for Peer-to-Peer Payment , 2017, IEEE Consumer Electronics Magazine.

[39]  Muhammad Khurram Khan,et al.  More efficient key-hash based fingerprint remote authentication scheme using mobile device , 2014, Computing.

[40]  Michele Nappi,et al.  FIRME: Face and Iris Recognition for Mobile Engagement , 2014, Image Vis. Comput..

[41]  Alex X. Liu,et al.  Behavior Based Human Authentication on Touch Screen Devices Using Gestures and Signatures , 2017, IEEE Transactions on Mobile Computing.

[42]  Michele Nappi,et al.  Multimodal authentication on smartphones: Combining iris and sensor recognition for a double check of user identity , 2016, Pattern Recognit. Lett..

[43]  Sharad Borle,et al.  Estimating the Contextual Risk of Data Breach: An Empirical Approach , 2015, J. Manag. Inf. Syst..

[44]  Elisa Bertino,et al.  PrivBioMTAuth: Privacy Preserving Biometrics-Based and User Centric Protocol for User Authentication From Mobile Phones , 2018, IEEE Transactions on Information Forensics and Security.

[45]  Qing Yang,et al.  HMOG: New Behavioral Biometric Features for Continuous Authentication of Smartphone Users , 2015, IEEE Transactions on Information Forensics and Security.

[46]  Xiong Li,et al.  Robust three-factor remote user authentication scheme with key agreement for multimedia systems , 2016, Secur. Commun. Networks.

[47]  Ahmed Ahmim,et al.  An intrusion detection system based on combining probability predictions of a tree of classifiers , 2018, Int. J. Commun. Syst..

[48]  Muhammad Khurram Khan,et al.  An anonymous biometric-based remote user-authenticated key agreement scheme for multimedia systems , 2017, Int. J. Commun. Syst..

[49]  Hyunggon Park,et al.  ECG Authentication System Design Based on Signal Analysis in Mobile and Wearable Devices , 2016, IEEE Signal Processing Letters.

[50]  Rama Chellappa,et al.  Partial face detection for continuous authentication , 2016, 2016 IEEE International Conference on Image Processing (ICIP).

[51]  Tao Feng,et al.  Continuous mobile authentication using touchscreen gestures , 2012, 2012 IEEE Conference on Technologies for Homeland Security (HST).

[52]  Chun-Ta Li,et al.  An efficient biometrics-based remote user authentication scheme using smart cards , 2010, J. Netw. Comput. Appl..

[53]  Mohamed Amine Ferrag EPEC: an efficient privacy-preserving energy consumption scheme for smart grid communications , 2017, Telecommun. Syst..

[54]  Rama Chellappa,et al.  Deep feature-based face detection on mobile devices , 2016, 2016 IEEE International Conference on Identity, Security and Behavior Analysis (ISBA).

[55]  Mohamed Amine Ferrag,et al.  A systematic review of data protection and privacy preservation schemes for smart grid communications , 2018 .

[56]  Abdulmotaleb El-Saddik,et al.  ECG Authentication for Mobile Devices , 2016, IEEE Transactions on Instrumentation and Measurement.