A changeable personal identification number‐based keystroke dynamics authentication system on smart phones

Abstract

AbstractOne can apply cell phones to access e‐bank, buy stocks, pay credit card bills, and so on. The security issues of cell phones become extremely important. Most of subscribers use personal identification number (PIN) codes which combined with 6–8 numbers to protect their subscriber identity module cards from illegal accesses. It is easily to be decoded by the dictionary attack or shoulder surfing attack. Many studies employed keystroke dynamics to protect the PIN code, and the relative results exhibit that keystroke dynamics can indeed improve the security of a PIN code. However, the traditional keystroke dynamics‐based authentication (KDA) system has to collect user's keystroke dynamics firstly and then produce a unique personal biometrics. It is inconvenient for users when changing their PIN codes is required, because the corresponding KDA systems should be retrained. To solve the previously mentioned drawbacks, this paper proposes a novel technique that allows users to change their PIN codes anytime without any extra retraining. This technique not only enhance the security of the PIN codes but also enrich the security of accessing e‐bank, buying stocks, paying credit card bill, and other service via smart phones. Conducted experiment results show that the proposed system can effectively improve the KDA system to distinguish legitimate users and impostors even when users change their original passwords. Copyright © 2015 John Wiley & Sons, Ltd.