TaPIN: Reinforcing PIN Authentication on Smartphones With Tap Biometrics

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Mobile Computing Pub Date : 2024-11-20 DOI:10.1109/TMC.2024.3502902

Junhyub Lee;Insu Kim;Sangeun Oh;Hyosu Kim

{"title":"TaPIN: Reinforcing PIN Authentication on Smartphones With Tap Biometrics","authors":"Junhyub Lee;Insu Kim;Sangeun Oh;Hyosu Kim","doi":"10.1109/TMC.2024.3502902","DOIUrl":null,"url":null,"abstract":"PIN authentication is the first line of defense for protecting private data on many smartphone applications, such as lock screens, messengers, and banking apps. However, existing PIN authentication systems have several constraints regarding security, usability, and robustness. To go beyond their limitations, this paper presents TaPIN, a reliable system that authenticates smartphone users with the collaborative use of PINs and tap biometrics. A user is first instructed to enter her PIN by tapping a smartphone screen for authentication. During the PIN entry, the user's fingertip collides with the screen, producing user-specific vibration and sound signals. TaPIN then senses the tap-induced signals and the collision properties, e.g., pressures and sizes, using the smartphone's built-in sensors and leverages them as biometric features. That is, it authenticates the user by verifying not only the entered PIN but also the collected features. Our experiments with 20 real-world users demonstrate that this two-factor authentication system is easy to use, more secure than existing methods, and deployable without dedicated hardware. For example, it accurately authenticates users with an average EER of 1.9% in stationary environments and maintains a reasonable level of security regardless of devices, tap styles, and noise.","PeriodicalId":50389,"journal":{"name":"IEEE Transactions on Mobile Computing","volume":"24 4","pages":"2519-2533"},"PeriodicalIF":7.7000,"publicationDate":"2024-11-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Mobile Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10759290/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

PIN authentication is the first line of defense for protecting private data on many smartphone applications, such as lock screens, messengers, and banking apps. However, existing PIN authentication systems have several constraints regarding security, usability, and robustness. To go beyond their limitations, this paper presents TaPIN, a reliable system that authenticates smartphone users with the collaborative use of PINs and tap biometrics. A user is first instructed to enter her PIN by tapping a smartphone screen for authentication. During the PIN entry, the user's fingertip collides with the screen, producing user-specific vibration and sound signals. TaPIN then senses the tap-induced signals and the collision properties, e.g., pressures and sizes, using the smartphone's built-in sensors and leverages them as biometric features. That is, it authenticates the user by verifying not only the entered PIN but also the collected features. Our experiments with 20 real-world users demonstrate that this two-factor authentication system is easy to use, more secure than existing methods, and deployable without dedicated hardware. For example, it accurately authenticates users with an average EER of 1.9% in stationary environments and maintains a reasonable level of security regardless of devices, tap styles, and noise.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Mobile Computing 工程技术-电信学

CiteScore

12.90

自引率

2.50%

发文量

403

审稿时长

6.6 months

期刊介绍： IEEE Transactions on Mobile Computing addresses key technical issues related to various aspects of mobile computing. This includes (a) architectures, (b) support services, (c) algorithm/protocol design and analysis, (d) mobile environments, (e) mobile communication systems, (f) applications, and (g) emerging technologies. Topics of interest span a wide range, covering aspects like mobile networks and hosts, mobility management, multimedia, operating system support, power management, online and mobile environments, security, scalability, reliability, and emerging technologies such as wearable computers, body area networks, and wireless sensor networks. The journal serves as a comprehensive platform for advancements in mobile computing research.