TY - GEN
T1 - Behavioral Biometrics for Mobile User Authentication: Benefits and Limitations
AU - Papaioannou, Maria
AU - Mantas, Georgios
AU - Panaousis, Emmanouil (Manos)
AU - Essop, Aliyah
AU - Rodriguez, Jonathan
AU - Sucasas, Victor
N1 - Funding Information:
ACKNOWLEDGMENT The research work leading to this publication has received funding from the European Union’s Horizon 2020 Research and Innovation programme under grant agreement H2020-MSCA-RISE-2019-eBORDER-872878. This research work was also supported by the Fundação para a Ciência e Tecnologia (FCT-Portugal) under Grant 2022.11452.BD.
Publisher Copyright:
© 2023 IFIP.
PY - 2023/7/24
Y1 - 2023/7/24
N2 - User authentication serves as the primary defense, also referred to as first line of defense, by verifying the identity of a mobile user, often as a requirement for accessing resources on a mobile device. For many years, user authentication relied on 'something that the user knows,' also known as knowledge-based user authentication. However, recent research indicates that knowledge-based user authentication is no longer considered secure or convenient for mobile users because it imposes several limitations. These limitations highlight the need for more secure and user-friendly user authentication methods. One promising solution is user authentication based on 'something that the user is,' which includes authentication methods that use physical characteristics of the mobile user (i.e., physiological biometrics) or their involuntary actions (i.e., behavioral biometrics). Although physiological biometrics have been successfully deployed for mobile user authentication over the last years, recent studies suggest that they show several weaknesses (e.g., vulnerable to various attacks such as impersonation). Consequently, experts in the security field are now focusing more on user authentication based on behavioral biometrics. Therefore, the aim of this work is to investigate the benefits, as well as the limitations of behavioral biometrics for mobile user authentication in order to provide a foundation for organizing research efforts toward the design and development of proper user authentication solutions based on behavioral biometrics for mobile devices.
AB - User authentication serves as the primary defense, also referred to as first line of defense, by verifying the identity of a mobile user, often as a requirement for accessing resources on a mobile device. For many years, user authentication relied on 'something that the user knows,' also known as knowledge-based user authentication. However, recent research indicates that knowledge-based user authentication is no longer considered secure or convenient for mobile users because it imposes several limitations. These limitations highlight the need for more secure and user-friendly user authentication methods. One promising solution is user authentication based on 'something that the user is,' which includes authentication methods that use physical characteristics of the mobile user (i.e., physiological biometrics) or their involuntary actions (i.e., behavioral biometrics). Although physiological biometrics have been successfully deployed for mobile user authentication over the last years, recent studies suggest that they show several weaknesses (e.g., vulnerable to various attacks such as impersonation). Consequently, experts in the security field are now focusing more on user authentication based on behavioral biometrics. Therefore, the aim of this work is to investigate the benefits, as well as the limitations of behavioral biometrics for mobile user authentication in order to provide a foundation for organizing research efforts toward the design and development of proper user authentication solutions based on behavioral biometrics for mobile devices.
KW - benefits of behavioral biometrics
KW - limitations of behavioral biometrics
KW - mobile user authentication
U2 - 10.23919/IFIPNetworking57963.2023.10186419
DO - 10.23919/IFIPNetworking57963.2023.10186419
M3 - Conference contribution
AN - SCOPUS:85167871350
T3 - 2023 IFIP Networking Conference, IFIP Networking 2023
BT - 2023 IFIP Networking Conference, IFIP Networking 2023
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 22nd International Federation for Information Processing Conference on Networking, IFIP Networking 2023
Y2 - 12 June 2023 through 15 June 2023
ER -