Authentication of users on mobile telephones - A survey of attitudes and practices

With the ever-increasing functionality and services accessible via mobile telephones, there is a strong argument that the level of user authentication implemented on the devices should be extended beyond the Personal Identification Number (PIN) that has traditionally been used. This paper presents the results of a survey of 297 mobile subscribers, which attempted to assess their use of mobile devices, their use of current authentication methods, and their attitudes towards future security options. The findings revealed that the majority of the respondents make significant use of their devices, with clear demands for protection against unauthorised use. However, the use of current PIN-based authentication is problematic, with a third of the respondents indicating that they do not use it at all, and other problems being reported amongst those that do. In view of this, the respondents' opinions in relation to future security options are interesting, with 83% being willing to accept some form of biometric authentication on their device. The discussion considers these findings, and the potential applicability of the preferred techniques to mobile devices. (C) 2005 Elsevier Ltd. All rights reserved.