Advanced user authentication for mobile devices

As mobile devices continue to evolve in terms of the capabilities and services offered, so they introduce additional demands in terms of security. An issue that has traditionally been poorly served is user authentication, with the majority of devices relying upon problematic secret knowledge approaches. This paper proposes the use of more advanced biometric methods as an alternative. After considering the general range of available techniques and their applicability to mobile devices, the discussion focuses upon the concept of keystroke analysis. Results of a practical evaluation are presented based upon the entry of both telephone numbers and text messages on a mobile phone. The findings reveal the technique to have promise for certain users with average error rates below 5%. The paper then proceeds to explain how the accuracy could be further improved by incorporating keystroke analysis within a composite authentication mechanism that utilises a portfolio of authentication techniques to provide robust, accurate and transparent authentication of the user. (c) 2006 Elsevier Ltd. All rights reserved.