Li Lu,Jiadi Yu,Yingying Chen,Hongbo Liu,Yanmin Zhu,Linghe Kong,Minglu Li

DOI: https://doi.org/10.1109/tnet.2019.2891733

2019-01-01

IEEE/ACM Transactions on Networking

Abstract:To prevent users’ privacy from leakage, more and more mobile devices employ biometric-based authentication approaches, such as fingerprint, face recognition, voiceprint authentications, and so on, to enhance the privacy protection. However, these approaches are vulnerable to replay attacks. Although the state-of-art solutions utilize liveness verification to combat the attacks, existing approaches are sensitive to ambient environments, such as ambient lights and surrounding audible noises. Toward this end, we explore liveness verification of user authentication leveraging users’ mouth movements, which are robust to noisy environments. In this paper, we propose a lip reading-based user authentication system, LipPass, which extracts unique behavioral characteristics of users’ speaking mouths through acoustic sensing on smartphones for user authentication. We first investigate Doppler profiles of acoustic signals caused by users’ speaking mouths and find that there are unique mouth movement patterns for different individuals. To characterize the mouth movements, we propose a deep learning-based method to extract efficient features from Doppler profiles and employ softmax function, support vector machine, and support vector domain description to construct multi-class identifier, binary classifiers, and spoofer detectors for mouth state identification, user identification, and spoofer detection, respectively. Afterward, we develop a balanced binary tree-based authentication approach to accurately identify each individual leveraging these binary classifiers and spoofer detectors with respect to registered users. Through extensive experiments involving 48 volunteers in four real environments, LipPass can achieve 90.2% accuracy in user identification and 93.1% accuracy in spoofer detection.

Weixi Gu,Zheng Yang,Longfei Shangguan,Xiaoyu Ji,Yiyang Zhao

DOI: https://doi.org/10.1109/trustcom.2014.34

2014-01-01

Abstract:Near field authentication is of great importance for a range of applications, and has attracted many research efforts in the past decades. Several approaches have been developed and demonstrated their feasibility. The state-of-art works, however, still have much room to improve their automation and usability. First, user assistance is required in most existing approaches, which will be easily observed and imitated by attackers. Second, the authentications of several works heavily depend on special hardware, e.g., Server or high resolution screen, which greatly restricts their application scenarios. In this paper, we present a near field authentication system Tooth that needs little human assistance and is compatible with most smart phones. ToAuth is based on the key insight that the acceleration traces are similar for a pair of smart phones when they are contacting physically and vibrating. The random vibration patterns are sufficiently uncertain to provide high entropy to generate a pair of cryptographic keys yet are inimitable for a third party who does not get in touch with the vibration source. ToAuth leverages the keys to make authentication for smart phones. We implement ToAuth on Android platform and evaluate its performance under various scenarios. Extensive experiments demonstrate ToAuth could achieve around 90% success rate in stable environment, and prevent attacks depended on vibration noise.

Li Lu,Jiadi Yu,Yingying Chen,Hongbo Liu,Yanmin Zhu,Yunfei Liu,Minglu Li

DOI: https://doi.org/10.1109/infocom.2018.8486283

2018-01-01

Abstract:To prevent users' privacy from leakage, more and more mobile devices employ biometric-based authentication approaches, such as fingerprint, face recognition, voiceprint authentications, etc., to enhance the privacy protection. However, these approaches are vulnerable to replay attacks. Although state-of-art solutions utilize liveness verification to combat the attacks, existing approaches are sensitive to ambient environments, such as ambient lights and surrounding audible noises. Towards this end, we explore liveness verification of user authentication leveraging users' lip movements, which are robust to noisy environments. In this paper, we propose a lip reading-based user authentication system, LipPass, which extracts unique behavioral characteristics of users' speaking lips leveraging build-in audio devices on smartphones for user authentication. We first investigate Doppler profiles of acoustic signals caused by users' speaking lips, and find that there are unique lip movement patterns for different individuals. To characterize the lip movements, we propose a deep learning-based method to extract efficient features from Doppler profiles, and employ Support Vector Machine and Support Vector Domain Description to construct binary classifiers and spoofer detectors for user identification and spoofer detection, respectively. Afterwards, we develop a binary tree-based authentication approach to accurately identify each individual leveraging these binary classifiers and spoofer detectors with respect to registered users. Through extensive experiments involving 48 volunteers in four real environments, LipPass can achieve 90.21% accuracy in user identification and 93.1% accuracy in spoofer detection.

Chao Shen,Yufei Chen,Xiaohong Guan

DOI: https://doi.org/10.1016/j.ins.2017.11.058

IF: 8.1

2018-01-01

Information Sciences

Abstract:The pervasiveness of mobile devices not only facilitates people’s daily life with a wide variety of services, but also brings users risks of private information leakage (e.g., photos, contact lists, bank accounts), which emphasizes the demand for reliable, feasible and user-friendly authentication mechanisms on mobile devices. In this paper, we develop an authentication mechanism using motion sensors (accelerometer and gyroscope) embedded in smartphones. Our proposed mechanism performs authentication continuously and implicitly by monitoring the user daily activities. We extract time-, frequency- and wavelet-domain features from motion-sensor data, and conduct empirical feature analysis to investigate the optimal combination of features, to acquire a fine-grained characterization of users’ movement patterns. To make a systematic performance evaluation, we have established a dataset containing 27,681 samples, including five kinds of actions and five different smartphone placements. In the evaluation procedure, four kinds of contexts are considered (nothing-aware context, action-aware context, placement-aware context and full-information-aware context), and ten one-class detectors are implemented. The best accuracy (represented as EER) for the four conditions achieves 28.22%, 2.21%, 5.50% and 3.28%, respectively, indicating our proposed approach is feasible and applicable in some real scenarios. Moreover, the performance analyses for sensor combinations and feature combinations are also conducted.

Chao Shen,Yunpeng Li,Tianwen Yu,Sheng Yuan,Xiao Yi,Xiaohong Guan

DOI: https://doi.org/10.1109/wcica.2016.7578519

2016-01-01

Abstract:Existing smartphone authentication methods (e.g., PIN) typically provide one-time identity verification, but the verified user is still subject to session hijacking or masquerading attacks. This paper presents a framework and performance analysis of a sensor-based smartphone authentication system that continuously verifies the presence of a smartphone user. When a user touches the smartphone screen, motion-sensor data are extracted and analyzed to obtain descriptive features for accurately depicting users' touch habit and rhythm. Then a one-class learning algorithm is employed in the feature space to perform the continuous authentication task. Based on touch-tapping data collected from over 50 users, we conduct a series of experiments to validate the efficacy of our proposed approach. Our experimental results show that our verification system achieves a relatively high accuracy with an equal-error rate of 11.05%. Additional experiment on usability to the observation window size is provided to further examine the effectiveness. Our authentication system can be seamlessly integrated with extant smartphone authentication mechanisms, and is non-intrusive to users and does not need extra hardware.

Chao Shen,Yuanxun Li,Yufei Chen,Xiaohong Guan,Roy A. Maxion

DOI: https://doi.org/10.1109/tifs.2017.2737969

IF: 7.231

2018-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The increasing use of smartphones as personal computing platforms to access personal information has stressed the demand for secure and usable authentication techniques, and for constantly protecting privacy. Smartphone sensors can measure users' unique behavioral characteristics when they interact with smartphones, based on different habits, gestures, and angle preferences of touch actions. This paper investigates the reliability and applicability of using motion-sensor behavior for active and continuous smartphone authentication across various operational scenarios, and presents a systematic evaluation of the distinctiveness and permanence properties of the behavior. For each sample of sensor behavior, kinematic information sequences are extracted and analyzed, which are characterized by statistic-, frequency-, and wavelet-domain features, to provide accurate and fine-grained characterization of users' touch actions. A Markov-based decision procedure, using one-class learning techniques, is developed and applied to the feature space for performing authentication. Analyses are conducted using the sensor data of 520 200 touch actions from 102 subjects across various operational scenarios. Extensive experiments show that motion-sensor behavior exhibits sufficient discriminability and stability for active and continuous authentication, and can achieve a false-rejection rate of 5.03% and a false-acceptance rate of 3.98%. Additional experiments on usability to operation length, sensitivity to application scenario, scalability to user size, contribution to different sensors, and response to behavior change are provided to further explore the effectiveness and applicability. We also implement an authentication system into the Android system that can react to the presence of the legitimate user.

Chao Shen,Tianwen Yu,Sheng Yuan,Yunpeng Li,Xiaohong Guan

DOI: https://doi.org/10.3390/s16030345

IF: 3.9

2016-01-01

Sensors

Abstract:The growing trend of using smartphones as personal computing platforms to access and store private information has stressed the demand for secure and usable authentication mechanisms. This paper investigates the feasibility and applicability of using motion-sensor behavior data for user authentication on smartphones. For each sample of the passcode, sensory data from motion sensors are analyzed to extract descriptive and intensive features for accurate and fine-grained characterization of users’ passcode-input actions. One-class learning methods are applied to the feature space for performing user authentication. Analyses are conducted using data from 48 participants with 129,621 passcode samples across various operational scenarios and different types of smartphones. Extensive experiments are included to examine the efficacy of the proposed approach, which achieves a false-rejection rate of 6.85% and a false-acceptance rate of 5.01%. Additional experiments on usability with respect to passcode length, sensitivity with respect to training sample size, scalability with respect to number of users, and flexibility with respect to screen size were provided to further explore the effectiveness and practicability. The results suggest that sensory data could provide useful authentication information, and this level of performance approaches sufficiency for two-factor authentication on smartphones. Our dataset is publicly available to facilitate future research.

Sakorn Mekruksavanich,Anuchit Jitpattanakul

DOI: https://doi.org/10.3390/s21227519

2021-11-12

Abstract:Smartphones as ubiquitous gadgets are rapidly becoming more intelligent and context-aware as sensing, networking, and processing capabilities advance. These devices provide users with a comprehensive platform to undertake activities such as socializing, communicating, sending and receiving e-mails, and storing and accessing personal data at any time and from any location. Nowadays, smartphones are used to store a multitude of private and sensitive data including bank account information, personal identifiers, account passwords and credit card information. Many users remain permanently signed in and, as a result, their mobile devices are vulnerable to security and privacy risks through assaults by criminals. Passcodes, PINs, pattern locks, facial verification, and fingerprint scans are all susceptible to various assaults including smudge attacks, side-channel attacks, and shoulder-surfing attacks. To solve these issues, this research introduces a new continuous authentication framework called DeepAuthen, which identifies smartphone users based on their physical activity patterns as measured by the accelerometer, gyroscope, and magnetometer sensors on their smartphone. We conducted a series of tests on user authentication using several deep learning classifiers, including our proposed deep learning network termed DeepConvLSTM on the three benchmark datasets UCI-HAR, WISDM-HARB and HMOG. Results demonstrated that combining various motion sensor data obtained the highest accuracy and energy efficiency ratio (EER) values for binary classification. We also conducted a thorough examination of the continuous authentication outcomes, and the results supported the efficacy of our framework.

Mohsen Ali Alawami,Tamer AbuHamed,Mohammed AbuHamed,Hyoungshick Kim

DOI: https://doi.org/10.1016/j.pmcj.2024.101922

IF: 3.848

2024-04-05

Pervasive and Mobile Computing

Abstract:Traditional one-time authentication mechanisms cannot authenticate smartphone users' identities throughout the session – the concept of using behavioral-based biometrics captured by the built-in motion sensors and touch data is a candidate to solve this issue. Many studies proposed solutions for behavioral-based continuous authentication; however, they are still far from practicality and generality for real-world usage. To date, no commercially deployed implicit user authentication scheme exists because most of those solutions were designed to improve detection accuracy without addressing real-world deployment requirements. To bridge this gap, we tackle the limitations of existing schemes and reach toward developing a more practical implicit authentication scheme, dubbed MotionID, based on a one-class detector using behavioral data from motion sensors when users touch their smartphones. Compared with previous studies, our work addresses the following challenges: 1 Global mobile average to dynamically adjust the sampling rate for sensors on any device and mitigate the impact of using sensors' fixed sampling rate; 2 Over-all-apps to authenticate a user across all the mobile applications, not only on-specific application; 3 Single-device-evaluation to measure the performance with multiple users' (i.e., genuine users and imposters) data collected from the same device; 4 Rapid authentication to quickly identify users' identities using a few samples collected within short durations of touching (1–5 s) the device; 5 Unconditional settings to collect sensor data from real-world smartphone usage rather than a laboratory study. To show the feasibility of MotionID for those challenges, we evaluated the performance of MotionID with ten users' motion sensor data on five different smartphones under various settings. Our results show the impracticality of using a fixed sampling rate across devices that most previous studies have adopted. MotionID is able to authenticate users with an F1-score up to 98.5% for some devices under practical requirements and an F1-score up to roughly 90% when considering the drift concept and rapid authentication settings. Finally, we investigate time efficiency, power consumption, and memory usage considerations to examine the practicality of MotionID.

computer science, information systems,telecommunications

Lex Fridman,Steven Weber,Rachel Greenstadt,Moshe Kam

DOI: https://doi.org/10.1109/jsyst.2015.2472579

IF: 4.802

2017-06-01

IEEE Systems Journal

Abstract:Active authentication is the problem of continuously verifying the identity of a person based on behavioral aspects of their interaction with a computing device. In this paper, we collect and analyze behavioral biometrics data from 200 subjects, each using their personal Android mobile device for a period of at least 30 days. This data set is novel in the context of active authentication due to its size, duration, number of modalities, and absence of restrictions on tracked activity. The geographical colocation of the subjects in the study is representative of a large closed-world environment such as an organization where the unauthorized user of a device is likely to be an insider threat: coming from within the organization. We consider four biometric modalities: 1) text entered via soft keyboard, 2) applications used, 3) websites visited, and 4) physical location of the device as determined from GPS (when outdoors) or WiFi (when indoors). We implement and test a classifier for each modality and organize the classifiers as a parallel binary decision fusion architecture. We are able to characterize the performance of the system with respect to intruder detection time and to quantify the contribution of each modality to the overall performance.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Hui Xu,Yangfan Zhou,Michael R. Lyu

2014-01-01

Abstract:Current smartphones generally cannot continuously authenticate users during runtime. This poses severe security and privacy threats: A malicious user can manipulate the phone if bypassing the screen lock. To solve this problem, our work adopts a continuous and passive authentication mechanism based on a user's touch operations on the touchscreen. Such a mechanism is suitable for smartphones, as it requires no extra hardware or intrusive user interface. We study how to model multiple types of touch data and perform continuous authentication accordingly. As a first attempt, we also investigate the fundamentals of touch operations as biometrics by justifying their distinctiveness and permanence. A one-month experiment is conducted involving over 30 users. Our experiment results verify that touch biometrics can serve as a promising method for continuous and passive authentication.

Akriti Verma,Valeh Moghaddam,Adnan Anwar

DOI: https://doi.org/10.48550/arXiv.2110.03149

2021-10-07

Abstract:Recent studies have shown how motion-based biometrics can be used as a form of user authentication and identification without requiring any human cooperation. This category of behavioural biometrics deals with the features we learn in our life as a result of our interaction with the environment and nature. This modality is related to change in human behaviour over time. The developments in these methods aim to amplify continuous authentication such as biometrics to protect their privacy on user devices. Various Continuous Authentication (CA) systems have been proposed in the literature. They represent a new generation of security mechanisms that continuously monitor user behaviour and use this as the basis to re-authenticate them periodically throughout a login session. However, these methods usually constitute a single classification model which is used to identify or verify a user. This work proposes an algorithm to blend behavioural biometrics with multi-factor authentication (MFA) by introducing a two-step user verification algorithm that verifies the user's identity using motion-based biometrics and complements the multi-factor authentication, thus making it more secure and flexible. This two-step user verification algorithm is also immune to adversarial attacks, based on our experimental results which show how the rate of misclassification drops while using this model with adversarial data.

Machine Learning,Signal Processing

Rajesh Kumar,Partha Pratim Kundu,Diksha Shukla,Vir V. Phoha

DOI: https://doi.org/10.48550/arXiv.1708.04399

2017-08-15

Abstract:In this paper, we propose a novel continuous authentication system for smartphone users. The proposed system entirely relies on unlabeled phone movement patterns collected through smartphone accelerometer. The data was collected in a completely unconstrained environment over five to twelve days. The contexts of phone usage were identified using k-means clustering. Multiple profiles, one for each context, were created for every user. Five machine learning algorithms were employed for classification of genuine and impostors. The performance of the system was evaluated over a diverse population of 57 users. The mean equal error rates achieved by Logistic Regression, Neural Network, kNN, SVM, and Random Forest were 13.7%, 13.5%, 12.1%, 10.7%, and 5.6% respectively. A series of statistical tests were conducted to compare the performance of the classifiers. The suitability of the proposed system for different types of users was also investigated using the failure to enroll policy.

Human-Computer Interaction,Cryptography and Security

Wei-Han Lee,Ruby B. Lee

DOI: https://doi.org/10.48550/arXiv.1708.09754

2017-08-30

Cryptography and Security

Abstract:Authentication of smartphone users is important because a lot of sensitive data is stored in the smartphone and the smartphone is also used to access various cloud data and services. However, smartphones are easily stolen or co-opted by an attacker. Beyond the initial login, it is highly desirable to re-authenticate end-users who are continuing to access security-critical services and data. Hence, this paper proposes a novel authentication system for implicit, continuous authentication of the smartphone user based on behavioral characteristics, by leveraging the sensors already ubiquitously built into smartphones. We propose novel context-based authentication models to differentiate the legitimate smartphone owner versus other users. We systematically show how to achieve high authentication accuracy with different design alternatives in sensor and feature selection, machine learning techniques, context detection and multiple devices. Our system can achieve excellent authentication performance with 98.1% accuracy with negligible system overhead and less than 2.4% battery consumption.

Alejandro Acien,Aythami Morales,Ruben Vera-Rodriguez,Julian Fierrez

DOI: https://doi.org/10.48550/arXiv.1901.10312

2019-01-29

Abstract:In this paper we evaluate mobile active authentication based on an ensemble of biometrics and behavior-based profiling signals. We consider seven different data channels and their combination. Touch dynamics (touch gestures and keystroking), accelerometer, gyroscope, WiFi, GPS location and app usage are all collected during human-mobile interaction to authenticate the users. We evaluate two approaches: one-time authentication and active authentication. In one-time authentication, we employ the information of all channels available during one session. For active authentication we take advantage of mobile user behavior across multiple sessions by updating a confidence value of the authentication score. Our experiments are conducted on the semi-uncontrolled UMDAA-02 database. This database comprises smartphone sensor signals acquired during natural human-mobile interaction. Our results show that different traits can be complementary and multimodal systems clearly increase the performance with accuracies ranging from 82.2% to 97.1% depending on the authentication scenario.

Cryptography and Security,Computer Vision and Pattern Recognition,Computers and Society,Human-Computer Interaction

Abdulaziz Alzubaidi,Jugal Kalita

DOI: https://doi.org/10.48550/arXiv.1911.04104

2019-11-11

Cryptography and Security

Abstract:Smartphones and tablets have become ubiquitous in our daily lives. Smartphones, in particular, have become more than personal assistants. These devices have provided new avenues for consumers to play, work, and socialize whenever and wherever they want. Smartphones are small in size, so they are easy to handle and to stow and carry in users' pockets or purses. However, mobile devices are also susceptible to various problems. One of the greatest concerns is the possibility of breach in security and privacy if the device is seized by an outside party. It is possible that threats can come from friends as well as strangers. Due to the size of smart devices, they can be easily lost and may expose details of users' private lives. In addition, this might enable pervasive observation or imitation of one's movements and activities, such as sending messages to contacts, accessing private communication, shopping with a credit card, and relaying information about where one has been. This paper highlights the potential risks that occur when smartphones are stolen or seized, discusses the concept of continuous authentication, and analyzes current approaches and mechanisms of behavioral biometrics with respect to methodology, associated datasets and evaluation approaches.

Asma Ahmad Farhan,Amna Basharat,Nasser Allheeib,Summrina Kanwal

DOI: https://doi.org/10.1038/s41598-024-74473-7

IF: 4.6

2024-10-23

Scientific Reports

Abstract:Smartphones store valuable personal information, necessitating robust authentication methods to protect user data. This research proposes a lightweight bi-model fallback authentication technique that combines dynamic security questions and finger pattern recognition using inertial measurement units. The dynamic security questions are generated based on the smartphone's usage behavior, while the owner's finger movements are captured using four different inertial sensors: accelerometer, gyroscope, gravity sensor, and magnetometer. By combining the answers to the questions and the owner's finger movements, the user can be authenticated even if the primary authentication method fails. In this study, data was collected from 24 participants, including 12 primary phone users and 12 close adversaries, over a span of 28 days. The dynamic security questions, derived from call, SMS, battery charging events, application usage, location, and physical activity categories, achieved high accuracy rates, with call, SMS, and application usage surpassing . Incorporating the inertial measurement units significantly improved the accuracy of all question types, increasing from a maximum of to , while also enhancing the True Positive Rate from 0.79 to 0.99 compared to a previous study. This research presents a promising lightweight bi-model fallback authentication technique that leverages dynamic security questions and inertial measurement units data, demonstrating its effectiveness for enhancing smartphone security.

multidisciplinary sciences

Jinghui Zhang,Zichao Li,Hancheng Zhang,Wei Zhang,Zhen Ling,Ming Yang

DOI: https://doi.org/10.1016/j.comcom.2023.06.016

IF: 5.047

2023-08-01

Computer Communications

Abstract:Nowadays, a large amount of users’privacy data is stored in mobile intelligent devices, and authentication systems have become an important defense to protect that data. The traditional explicit authentication, however, is under significant threat from a great deal of side channel attacks, such as those based on computer vision and touch screen attacks. Users’authentication keys are facing a high risk of leakage, whereas implicit authentication is one of the effective methods to resist various side channel attacks. Nevertheless, existing user implicit authentication approaches still have weaknesses in security and usability, which increase users’authentication burdens and pose potential safety issues. To address this problem, our paper proposes a user implicit authentication approach based on physiological and behavioral characteristics, using the most commonly performed actions in daily life to pre-authenticate users. In our method, multiple sensors are utilized to extract physiological and behavioral characteristics of users, and the sensor data is fused by aligning the extracted characteristic data and using the Kalman filter to reduce its noise. Users’authentication results can be determined by comparing the similarities between their reference and authentication samples using the siamese neural network. The experimental results show that our approach improves the performance of implicit authentication while ensuring its security and usability.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yanyan Li,Junshuang Yang,Mengjun Xie,Dylan Carlson,Han Gil Jang,Jiang Bian

DOI: https://doi.org/10.1109/milcom.2015.7357627

2015-01-01

Abstract:Personal identification numbers (PIN) and unlock patterns are highly popular authentication mechanisms on smart mobile devices but they are not sufficiently secure. PIN or pattern mechanisms enhanced by additional, implicit behavioral biometric authentication can offer stronger authentication assurance while preserving usability, therefore becoming very attractive. Individual studies on PIN- and pattern-based behavioral biometric authentication on smartphones were conducted but their results cannot be directly compared. In this work, we present a comparison study on the authentication accuracy between PIN-based and pattern-based behavioral biometric authentication using both smartphone and tablet. We developed a uniform framework for both PIN-based and pattern-based schemes and used two representative methods-Histogram and DTW-for user verification. We recruited 15 users and collected behavioral biometric data for both simple and complex PINs and patterns. Our experimental results show that PIN-based and pattern-based behavioral biometric authentication schemes can achieve about the same level of accuracy but not all verification methods are equal. The Histogram method can achieve more consistent results and handle template aging better than the DTW method based on our results. Our findings are expected to shed light on the exploration and analysis of effective behavioral biometric verification methods and facilitate more comprehensive investigation on behavioral biometric authentication for mobile devices.

Yanyan Li,Mengjun Xie,Jiang Bian

DOI: https://doi.org/10.1109/cns.2016.7860464

2017-01-01

Abstract:Many studies have been conducted to apply behavioral biometric authentication on/with mobile devices and they have shown promising results. However, the concern about the verification accuracy of behavioral biometrics is still common given the dynamic nature of behavioral biometrics. In this paper, we address the accuracy concern from a new perspective-behavior segments, that is, segments of a gesture instead of the whole gesture as the basic building block for behavioral biometric authentication. With this unique perspective, we propose a new behavioral biometric authentication method called SEGAUTH, which can be applied to various gesture or motion based authentication scenarios. SEGAUTH can achieve high accuracy by focusing on each user's distinctive gesture segments that frequently appear across his or her gestures. In SEGAUTH, a time series derived from a gesture/motion is first partitioned into segments and then transformed into a set of string tokens in which the tokens representing distinctive, repetitive segments are associated with higher genuine probabilities than those tokens that are common across users. An overall genuine score calculated from all the tokens derived from a gesture is used to determine the user's authenticity. We have assessed the effectiveness of SEGAUTH using 4 different datasets. Our experimental results demonstrate that SEGAUTH can achieve higher accuracy consistently than existing popular methods on the evaluation datasets.