Harmonized authentication based on ThumbStroke dynamics on touch screen mobile phones

The pervasive and prevalent use of touch screen mobile phones in both work and daily life has generated more and more private and sensitive information on those devices. Accordingly, there is an ever-increasing need to improve the security of mobile phones. Recent advances in mobile user authentication technologies mainly focus on entry-point authentication. Although post-log-in continuous authentication has attracted increasing attention from researchers, none of the previous studies addressed mobile user authentication at both stages simultaneously. In addition, extant authentication systems are subject to the common trade-off between security and usability. To address the above limitations, we propose Harmonized Authentication based on ThumbStroke dynamics (HATS) that supports both entry-point and post-log-in mobile user authentication. HATS integrates password, gesture, keystroke, and touch dynamics-based authentication methods to address the vulnerabilities of individual methods to certain security attacks. Moreover, HATS supports one-handed thumb stroke-based interaction with touch screen mobile phones to improve the usability of authentication systems. We empirically evaluated HATS through controlled lab experiments. The results provide strong evidence that HATS improved both security and usability of mobile user authentication compared with keystroke dynamics based user authentication.