Keystroke security developed for tablets and smartphones

2 min read

Researchers have developed a new security system that continuously monitors how a user taps and swipes their mobile device, a development that could prevent unauthorised use of such devices. 

Dubbed LatentGesture, the system was used during a Georgia Institute of Technology lab study using Android devices. The system is said to have been nearly 98 per cent accurate on a smartphone and 97 per cent correct on tablets. The research team will present the findings for the first time at the end of April. 

‘The system learns a person’s ‘touch signature,’ then constantly compares it to how the current user is interacting with the device,’ said Polo Chau, a Georgia Tech College of Computing assistant professor who led the study.

To test the system, Chau and his team set up an electronic form with a list of tasks for 20 participants. They were asked to tap buttons, check boxes and swipe slider bars on a phone and tablet to fill out the form. The system tracked their tendencies and created a profile for each person.

After profiles were stored, the researchers designated one person’s signature as the ‘owner’ of the device and repeated the tests. LatentGesture successfully matched the owner and flagged everyone else as unauthorised users.  

‘Just like your fingerprint, everyone is unique when they use a touchscreen,’ Chau said in a statement. ‘Some people slide the bar with one quick swipe. Others gradually move it across the screen. Everyone taps the screen with different pressures while checking boxes.’

The research team also programmed the system to store five touch signatures on the same device – one ‘owner’ and four authorised users. When someone other than the owner used the tablet, the system identified each with 98 per cent accuracy. 

‘This feature could be used when a child uses her dad’s tablet,’ said Premkumar Saravanan, a second year student in GATECH’s College of Computing. ‘The system would recognise her touch signature and allow her to use the device. But if she tried to buy an app, the system could prevent it.’

The researchers say LatentGesture’s biggest advantage is that the system is constantly running in the background, so the user doesn’t have to do anything different for added security and authentication.

‘It’s pretty easy for someone to look over your shoulder while you’re unlocking your phone and see your password,’ said Samuel Clarke, a College of Computing student on the research team. ‘This system ensures security even if someone takes your phone or tablet and starts using it.’

Chau is co-advising the project with Hongyuan Zha, a professor in the School of Computational Science and Engineering. The study will be presented in Toronto at ACM Chinese CHI 2014 from April 26 to 27.