Mobile User Authentication

Research highlights

Mobile user authentication is the verification of a user’s identity during the access to and use of a mobile device. The pervasive and prevalent use of touch screen mobile phones in both work and daily life has generated more and more private and sensitive information on those devices. Accordingly, there is an ever-increasing need to improve the security of mobile phones. Recent advances in mobile user authentication (MUA) technologies mainly focus on entry-point authentication.

Although post-log-in continuous authentication has attracted increasing attention from researchers, none of the previous studies addressed mobile user authentication at both stages simultaneously. In addition, extant authentication systems are subject to the common trade-off between security and usability. In this research area, we are interested in designing implicit and continuous mobile user authentication methods based on integration of touch dynamics, keyboard dynamics, and traditional password based methods to support both login and continuous MUA.

Selected publications

Wang, K., L. Zhou, D. Zhang (2023), Biometrics-Based Mobile User Authentication for the Elderly: Accessibility, Performance, and Method Design, International Journal of Human-Computer Interaction.

Zhou, L., K. Wang, J. Lai, D. Zhang (2023), A Comparison of a Touch Gesture- and a Keystroke-based Password Method: Toward Shoulder-surfing Resistant Mobile User Authentication, IEEE Transactions on Human-Machine Systems, 53(2), 303-314.

Lai, J., L. Zhou, K. Wang, and D. Zhang (2022), From Small to Big: Smartwatch Use in Mitigating COVID-19 — understanding user experience from social media content analysis, Hawaii International Conference on System Sciences (HICSS-55), January 3-7, HI, USA. (Virtual)

Jianwei Lai and Ernest Arko (2021) A shoulder-surfing resistant scheme embedded in traditional passwords, Hawaii International Conference on System Sciences (HICSS-55), January 5-8, HI, USA.

Lina Zhou, Kanlun Wang, Jianwei Lai, Dongsong Zhang (2021), Understanding Attacking Behaviors Toward Password-based Mobile User Authentication Authors, Who Are You?! Adventures in Authentication Workshop, https://wayworkshop.org/2021/papers/way2021-zhou.pdf

Zhou, L. K. Wang, J. Lai and D. Zhang (2021), Behaviors of Unwarranted Password Identification via Shoulder-Surfing during Mobile Authentication, IEEE International Conference on Intelligence and Security Informatics, San Antonio, TX, Nov. 2-3, 2021. (Virtual)

Kanlun Wang, Lina Zhou, Dongsong Zhang, Zhihui Liu and Jaewan Lim (2020), What is More Important for Touch Dynamics based Mobile User Authentication?, Proceedings of the PACIS, June 20-24.

K. Wang, L. Zhou and D. Zhang (2019). User Preferences and Situational Needs of Mobile User Authentication Methods, IEEE International Conference on Intelligence and Security Informatics, Shenzhen, China, July 1-3, 2019. (Best paper runner up)

Lai, J., D. Zhang, S. Wang, D. Kilic, and L. Zhou (2019), ThumbStroke: A Virtual Keyboard in Support of Sight-Free and One-Handed Text Entry on Touch-Screen Mobile Devices, ACM Transactions on Management Information Systems, 10(3), 1-19.

Wang, K., Zhou, L., and Zhang, D. (2019). Making Smartphones More Secure and Usable: An Exploratory Study on User Preferences and Situational Needs of Mobile User Authentication Methods. The 17th IEEE International Conference on Intelligence and Security Informatics (IEEE ISI 2019). Shenzhen, Guangdong, China. July 1-3, 2019

Zhang, D., Zhou, L., and Pisupati, S. (2019). Tracing One’s Touches: Continuous Mobile User Authentication Based on Touch Dynamics. The 25th Americas Conference on Information Systems (AMCIS 2019). August 15-17, 2019. Cancun, Mexico.

Zhang, D., Kang, Y., Zhou, L. and Lai, J. (2016). Continuous User Authentication on Touch-screen Mobile Devices: Toward More Secure and Usable M-Commerce. The Fifteenth Workshop on e-Business (WeB 2016). Dec. 10, 2016. Dublin, Ireland. READ

Zhou, L., Kang, Y., Zhang, D. and Lai, J. (2016). Harmonized Thumb Stroke Based User Authentication for Touch-screen Mobile Phones. Decision Support Systems. 92,14-24. READ