A changeable personal identification number-based keystroke dynamics authentication system on smart phones

Ting-Yi  Chang, Cheng Jung Tsai, Wang Jui Tsai, Chun Cheng Peng, Han Sing Wu

Research output: Contribution to journalArticle

7 Citations (Scopus)

Abstract

One can apply cell phones to access e-bank, buy stocks, pay credit card bills, and so on. The security issues of cell phones become extremely important. Most of subscribers use personal identification number (PIN) codes which combined with 6–8 numbers to protect their subscriber identity module cards from illegal accesses. It is easily to be decoded by the dictionary attack or shoulder surfing attack. Many studies employed keystroke dynamics to protect the PIN code, and the relative results exhibit that keystroke dynamics can indeed improve the security of a PIN code. However, the traditional keystroke dynamics-based authentication (KDA) system has to collect user's keystroke dynamics firstly and then produce a unique personal biometrics. It is inconvenient for users when changing their PIN codes is required, because the corresponding KDA systems should be retrained. To solve the previously mentioned drawbacks, this paper proposes a novel technique that allows users to change their PIN codes anytime without any extra retraining. This technique not only enhance the security of the PIN codes but also enrich the security of accessing e-bank, buying stocks, paying credit card bill, and other service via smart phones. Conducted experiment results show that the proposed system can effectively improve the KDA system to distinguish legitimate users and impostors even when users change their original passwords.

Original languageEnglish
Pages (from-to)2674-2685
Number of pages12
JournalSecurity and Communication Networks
Volume9
Issue number15
DOIs
Publication statusPublished - 2016 Oct 1

Fingerprint

Authentication
Biometrics
Glossaries
Experiments

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Computer Networks and Communications

Cite this

@article{d4a5da63159249dbb79c680864772be6,
title = "A changeable personal identification number-based keystroke dynamics authentication system on smart phones",
abstract = "One can apply cell phones to access e-bank, buy stocks, pay credit card bills, and so on. The security issues of cell phones become extremely important. Most of subscribers use personal identification number (PIN) codes which combined with 6–8 numbers to protect their subscriber identity module cards from illegal accesses. It is easily to be decoded by the dictionary attack or shoulder surfing attack. Many studies employed keystroke dynamics to protect the PIN code, and the relative results exhibit that keystroke dynamics can indeed improve the security of a PIN code. However, the traditional keystroke dynamics-based authentication (KDA) system has to collect user's keystroke dynamics firstly and then produce a unique personal biometrics. It is inconvenient for users when changing their PIN codes is required, because the corresponding KDA systems should be retrained. To solve the previously mentioned drawbacks, this paper proposes a novel technique that allows users to change their PIN codes anytime without any extra retraining. This technique not only enhance the security of the PIN codes but also enrich the security of accessing e-bank, buying stocks, paying credit card bill, and other service via smart phones. Conducted experiment results show that the proposed system can effectively improve the KDA system to distinguish legitimate users and impostors even when users change their original passwords.",
author = "Ting-Yi  Chang and Tsai, {Cheng Jung} and Tsai, {Wang Jui} and Peng, {Chun Cheng} and Wu, {Han Sing}",
year = "2016",
month = "10",
day = "1",
doi = "10.1002/sec.1265",
language = "English",
volume = "9",
pages = "2674--2685",
journal = "Security and Communication Networks",
issn = "1939-0114",
publisher = "John Wiley and Sons Inc.",
number = "15",

}

A changeable personal identification number-based keystroke dynamics authentication system on smart phones. / Chang, Ting-Yi ; Tsai, Cheng Jung; Tsai, Wang Jui; Peng, Chun Cheng; Wu, Han Sing.

In: Security and Communication Networks, Vol. 9, No. 15, 01.10.2016, p. 2674-2685.

Research output: Contribution to journalArticle

TY - JOUR

T1 - A changeable personal identification number-based keystroke dynamics authentication system on smart phones

AU - Chang, Ting-Yi 

AU - Tsai, Cheng Jung

AU - Tsai, Wang Jui

AU - Peng, Chun Cheng

AU - Wu, Han Sing

PY - 2016/10/1

Y1 - 2016/10/1

N2 - One can apply cell phones to access e-bank, buy stocks, pay credit card bills, and so on. The security issues of cell phones become extremely important. Most of subscribers use personal identification number (PIN) codes which combined with 6–8 numbers to protect their subscriber identity module cards from illegal accesses. It is easily to be decoded by the dictionary attack or shoulder surfing attack. Many studies employed keystroke dynamics to protect the PIN code, and the relative results exhibit that keystroke dynamics can indeed improve the security of a PIN code. However, the traditional keystroke dynamics-based authentication (KDA) system has to collect user's keystroke dynamics firstly and then produce a unique personal biometrics. It is inconvenient for users when changing their PIN codes is required, because the corresponding KDA systems should be retrained. To solve the previously mentioned drawbacks, this paper proposes a novel technique that allows users to change their PIN codes anytime without any extra retraining. This technique not only enhance the security of the PIN codes but also enrich the security of accessing e-bank, buying stocks, paying credit card bill, and other service via smart phones. Conducted experiment results show that the proposed system can effectively improve the KDA system to distinguish legitimate users and impostors even when users change their original passwords.

AB - One can apply cell phones to access e-bank, buy stocks, pay credit card bills, and so on. The security issues of cell phones become extremely important. Most of subscribers use personal identification number (PIN) codes which combined with 6–8 numbers to protect their subscriber identity module cards from illegal accesses. It is easily to be decoded by the dictionary attack or shoulder surfing attack. Many studies employed keystroke dynamics to protect the PIN code, and the relative results exhibit that keystroke dynamics can indeed improve the security of a PIN code. However, the traditional keystroke dynamics-based authentication (KDA) system has to collect user's keystroke dynamics firstly and then produce a unique personal biometrics. It is inconvenient for users when changing their PIN codes is required, because the corresponding KDA systems should be retrained. To solve the previously mentioned drawbacks, this paper proposes a novel technique that allows users to change their PIN codes anytime without any extra retraining. This technique not only enhance the security of the PIN codes but also enrich the security of accessing e-bank, buying stocks, paying credit card bill, and other service via smart phones. Conducted experiment results show that the proposed system can effectively improve the KDA system to distinguish legitimate users and impostors even when users change their original passwords.

UR - http://www.scopus.com/inward/record.url?scp=84929773345&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84929773345&partnerID=8YFLogxK

U2 - 10.1002/sec.1265

DO - 10.1002/sec.1265

M3 - Article

AN - SCOPUS:84929773345

VL - 9

SP - 2674

EP - 2685

JO - Security and Communication Networks

JF - Security and Communication Networks

SN - 1939-0114

IS - 15

ER -