Nowadays the critical sector of transport becomes progressively more dependent on digital technologies to perform essential activities and develop novel efficient transport services and infrastructure to empower economic and social cohesion exploiting the economic strengths of the European Union (EU). However, although the continuously increasing number of visitors, entering the EU through land-border crossing points or seaports, brings immense economic value, novel border control solutions, such as mobile devices for passenger identification for land/sea border control, are essential to precisely identify passengers 'on the fly' ensuring their comfort. Nevertheless, these devices are expected to handle highly confidential personal data and thus, it is very likely to become an attractive target to malicious actors. Therefore, to ensure high level of device security without interrupting border control activities, strong secure and usable user authentication mechanisms are required. Towards this direction, we, firstly, discuss risk-based and adaptive authentication for mobile devices as a suitable approach to deal with the security vs. usability challenge and a novel risk-based adaptive user authentication mechanism is proposed to address this challenge. Afterwards, a set of popular Machine Learning (ML) classification algorithms for risk-based authentication was tested and evaluated on the HuMIdb (Human Mobile Interaction database) dataset to identify the most appropriate ones for the proposed mechanism. The evaluation results demonstrated impact of overfitting (i.e., accuracy: 1,0000) and therefore, we considered novelty detection algorithms to overcome this challenge and demonstrate high performance. To the best of our knowledge, this is the first time that novelty detection algorithms have been considered for risk-based adaptive user authentication showing promising results (OneClassSVM 0,9536, LOF 0,9740, KNN_average 0,9998).
- Adaptive user authentication
- border control security
- mobile passenger ID devices
- risk-based user authentication