Towards Usable Implicit Authentication on Smartphones




Implicit authentication (IA) has recently become a popular approach for providing physical security on smartphones. It relies on behavioral traits (e.g., gait patterns) for user identification, instead of biometric data or knowledge of a PIN. The reported studies on users’ perception of IA have painted a very positive picture, showing that more than 60% of their respective participants are interested in adopting IA, should it become available on their devices. These studies, however, have all been done either in lab environments, or with low- to medium-fidelity prototypes, which limits their generalizability and ecological validity. Therefore, the question of “how would smartphone users perceive a commercialized IA scheme in a realistic setting?” remains unanswered. Moreover, it is not yet known whether users can understand the semantics of this technology well enough to use it properly.

This project aims at bridging these aforementioned knowledge gaps by aiming to:

  • (1) identify security and usability requirements for implicit authentication on mobile devices, by studying users’ experiences with Google Smart Lock for Android (SL) as well as
  • (2) improve the usability of IA on smartphones by designing and evaluating more granular access control systems. The evaluation will be done empirically, by employing user studies.

Related Publications: