Khamis, M. , Marky, K., Bulling, A. and Alt, F. (2022) User-centred multimodal authentication: securing handheld mobile devices using gaze and touch input. Behaviour and Information Technology, 41(10), pp. 2061-2083. (doi: 10.1080/0144929X.2022.2069597)
Text
269613.pdf - Published Version Available under License Creative Commons Attribution. 3MB |
Abstract
Handheld mobile devices store a plethora of sensitive data, such as private emails, personal messages, photos, and location data. Authentication is essential to protect access to sensitive data. However, the majority of mobile devices are currently secured by singlemodal authentication schemes which are vulnerable to shoulder surfing, smudge attacks, and thermal attacks. While some authentication schemes protect against one of these attacks, only few schemes address all three of them. We propose multimodal authentication where touch and gaze input are combined to resist shoulder surfing, as well as smudge and thermal attacks. Based on a series of previously published works where we studied the usability of several user-centred multimodal authentication designs and their security against multiple threat models, we provide a comprehensive overview of multimodal authentication on handheld mobile devices. We further present guidelines on how to leverage multiple input modalities for enhancing the usability and security of user authentication on mobile devices.
Item Type: | Articles |
---|---|
Additional Information: | This work has been funded, in part, by the PETRAS National Centre of Excellence for IoT Systems Cybersecurity, which has been funded by the UK EPSRC [grant number EP/S035362/1], an EPSRC New Investigator award [EP/V008870/1], and the Royal Society of Edinburgh [award number #65040]. |
Status: | Published |
Refereed: | Yes |
Glasgow Author(s) Enlighten ID: | Marky, Dr Karola and Khamis, Dr Mohamed |
Authors: | Khamis, M., Marky, K., Bulling, A., and Alt, F. |
College/School: | College of Science and Engineering > School of Computing Science |
Journal Name: | Behaviour and Information Technology |
Publisher: | Taylor & Francis |
ISSN: | 0144-929X |
ISSN (Online): | 1362-3001 |
Published Online: | 06 May 2022 |
Copyright Holders: | Copyright © 2022 The Authors |
First Published: | First published in Behaviour and Information Technology 41(10): 2061-2083 |
Publisher Policy: | Reproduced under a Creative Commons License |
University Staff: Request a correction | Enlighten Editors: Update this record