Touch signature can make mobile devices more secure
The system is called LatentGesture and was used during a Georgia Tech lab study using Android devices. The system was nearly 98 percent accurate on a smartphone and 97 percent correct on tablets. The research team will present the findings for the first time at the end of April.
"The system learns a person’s ‘touch signature,’ then constantly compares it to how the current user is interacting with the device," said Polo Chau, a Georgia Tech College of Computing assistant professor who led the study.
To test the system, Chau and his team set up an electronic form with a list of tasks for 20 participants. They were asked to tap buttons, check boxes and swipe slider bars on a phone and tablet to fill out the form. The system tracked their tendencies and created a profile for each person.
After profiles were stored, the researchers designated one person’s signature as the "owner" of the device and repeated the tests. LatentGesture successfully matched the owner and flagged everyone else as unauthorized users.
"Just like your fingerprint, everyone is unique when they use a touchscreen," said Chau. "Some people slide the bar with one quick swipe. Others gradually move it across the screen. Everyone taps the screen with different pressures while checking boxes."
The research team also programmed the system to store five touch signatures on the same device – one "owner" and four authorized users. When someone other than the owner used the tablet, the system identified each with 98 percent accuracy.
"This feature could be used when a child uses her dad’s tablet," said College of Computing sophomore Premkumar Saravanan. "The system would recognize her touch signature and allow her to use the device. But if she tried to buy an app, the system could prevent it."
The researchers say LatentGesture’s biggest advantage is that the system is constantly running in the background. The user doesn’t have to do anything different for added security and authentication.
LatentGesture is a new security system that continuously monitors how a user taps and swipes a mobile device. If the movements don’t match the owner’s tendencies, the system recognizes the differences and can be programmed to lock the device. Courtesy: Georgia Institute of Technology
IBM develops two-factor security for mobile transactions
Report warns that excessive security will kill the Internet of Things
Enterprise-ready mobile security from Samsung and Zscaler
ETSI starts standardisation process for European Cybersecurity