Towards Wider Adoption of Continuous Authentication on Mobile Devices

Abstract

Continuous Authentication (CA) is the process of constantly checking for the authorized user’s presence, which brings unique advantages and disadvantages. CA is more secure and facilitates schemes with multiple levels of authentication security; however, it can consume more resources and cause user anxiety about privacy. In this chapter we seek to understand the practical aspects of CA; in particular, user perception and resource consumption. To gauge user perception towards CA, we conducted a survey with roughly 500 respondents. We found that users desire multiple levels of authentication security. Furthermore, users are willing to adopt CA for mobile devices. We then analyzed factors like security awareness, gender, and mobile device OS, to draw statistically significant conclusions regarding their effect on users’ willingness to adopt CA, and user perceptions about CA. We also compare between biometric modalities based on their resource consumption, as measured by their Resource Profile Curve (RPC). This Curve reveals the trade-off between authentication accuracy and resource usage, and is helpful for different usage scenarios in which a CA system needs to operate. In particular, we explain how a CA system can intelligently switch between RPCs to conserve battery power, memory usage, or to maximize authentication accuracy. We argue for the importance of understanding user perceptions and using RPCs to guide the development of practical CA systems.