Position Independent Mobile User Authentication Using Keystroke Dynamics

Introduction

User authentication is a key operation in the use of mobile devices. Authentication ensures that the device is being used by a legitimate user. Authentication methods can be broadly divided into three categories (Wood, 1997):

• 1.

  Knowledge Based: Process in which a user is authenticated based on PIN or Password.

• 2.

  Token Based: Process in which a user is authenticated with the help of smart cards or ID cards etc.

• 3.

  Biometric: Process in which a user is authenticated based on his physical (finger scan, retina scan etc.) or behavioural attributes (keystroke dynamics, signature etc.).

Keystroke dynamics is the science of building up a user biometric based on his/her typing pattern. It is one of the upcoming methods for authentication (Khamparia and Pandey, 2015). Just like any other biometric system the authentication process in keystroke dynamics can be divided into enrollment and authentication phases. In the enrollment phase, the user input is taken and the system is trained by building and saving the user profile. In the authentication phase, a new profile is built and matched with the existing profile in the database. Error metrics like false acceptance rate (FAR), false rejection rate (FRR) and equal error rate (EER) are used to evaluate the performance of the system.

The most significant advantage of using keystroke dynamics over other biometrics is that it can be used for static as well as continuous authentication. Static authentication involves authenticating the user once during login whereas continuous authentication means authenticating the user for the entire session. Since a user types many times during a session hence his/her typing pattern can be analyzed continuously for the entire session.

Mobile phones do not limit the way we type as compared to typing on a hard keyboard used with personal computers or laptops. A mobile phone user may type when he is sitting, walking or in a relaxed position like lying on a bed or sofa. The research done so far in the field of keystroke dynamics related to mobile phones has considered the user in a specific position only. In most of the cases the position is sitting position, but some researchers have also considered a user in walking or in a moving car also. Even in these situations, the user profile has been developed separately for each situation.

This research proposes a novel idea of considering the input from a user independent of the position in which he/she types. The user input is taken in three different situations – sitting, walking and relaxed but the authentication process is done without considering any specific typing situation so as develop a system which can authenticate a user in all positions.

The rest of the chapter is organized as follows, Introduction includes the concept of keystroke dynamics and the motivation behind the research, Background the work related to the field of keystroke dynamics that has been done so far. Then the Main Idea behind the chapter is discussed followed by the Methodology and Results. Finally, the conclusion of the study is presented along with Future scope.