A Security Enhanced Android Unlock Scheme Based on Pinch-to-Zoom for Smart Devices

Abstract

With the rapid development of information technology, mobile phones especially smartphones have become a basic and important personal device to assist and facilitate an individual’s daily life. Due to the convenience, an individual is very likely to store various personal information on smartphones, including healthcare record, ID card manifold, family photos, private video clips, etc. This may pose a big challenge on data security and privacy. To mitigate such risk, one commonly used security solution is phone unlock pattern, where Android unlock pattern should be the most widely used one on Android devices. However, Android unlock scheme is known to be not secure under various adversarial scenarios. In the literature, there is a trend of combining the unlock scheme with touch biometric. In this work, we follow this trend and develop ZoomPass, a security-enhanced Android unlock scheme by analyzing solely zoom behavior from individuals. It is a two-step scheme that requires an individual to select two dots and perform a pinch-to-zoom action for each dot. To evaluate the scheme performance, we conduct a user study with 100 participants and found that our scheme can reach good performance in both usability and security.