Rhythm Authentication Using Multi-Touch Technology: A New Method of Biometric Authentication


นายNakinthorn Wongnarukane, ผศ.ดร.ปราโมทย์ กั่วเจริญ


Lecture Notes in Computer Science


A keystroke authentication method has a lower cost and is more powerful and easier to use than other biometric authentication methods. However, traditional keystroke authentication has many weaknesses and is easy to attack by criminals. Attacks can include shoulder surfing attacks, eavesdropping attacks and key-logger attacks. When users try to access their computer or portable device by using keystroke authentication method, the users must push the correct buttons with the correct rhythm in order to be authenticated. If the users make several failed authentication attempts, the system will lock their account. As a result, the users usually use a simple password and rhythm for accessing their account which will make the risk even higher. This research proposes a new method of a keystroke authentication by using multi-touch technique on touchpad which is embedded on a laptop computer. The users can register their rhythm using their fingers on the touchpad to the system as a biometric authentication. An attacker will have difficulties conducting a shoulder surfing attack. This is because the users have no need to type their password and can use one hand to cover the other hand which is used to make their rhythm for the touch. Furthermore, the users can quickly make the rhythm. An eavesdropping attack is rendered useless since the touchpad can get event data when the users touch it without making any sound. Even though some users may not be vigilant and make tapping sounds, an eavesdropper cannot know how many fingers the users use to tap on the touchpad to make one beat. The research results show that the purposed multi-touch rhythm authentication performs better than the traditional keystroke method and provides better security, usability, and faster authentication.