Fair and Robust Metric for Evaluating Touch-based Continuous Mobile Device Authentication

Mobile devices such as smartphones have an initial-login authentication to prevent third-party use. However, such authentication systems can be hacked by shoulder surfing, smudge attacks, and biometric duplication. Touch-based authentication is a continuous authentication method that can rapidly detect illegal use after an initial login. Various touch-based authentications have been proposed to date; however, evaluation experiments often lack assumptions regarding actual usage situations. To apply touch-based authentication for practical use, evaluation experiments should be conducted by constructing a realistic dataset. This study provides two guidelines for a fair and realistic evaluation of touch-based authentication.