The ideal solution to increase application security should also be easy to implement, without the need for a huge amount of resources while not providing a negative customer experience to the user. This is where mobile phone authentication can help as it is globally accessible and relatively inexpensive. Phone numbers have become the ultimate user identifier due to phones being ubiquitous and an essential modern day communication accessory. Furthermore, people keep the same number over long periods of time — ten years or more — making the data collection and tracking process a lot easier.
Mobile phone authentication is a relatively easy process for the user. The user then has to input this information into the application. This provides security in case the IP channel is compromised. As a result, only the owner of that phone number gets access to the password allowing them to log in to the application and verify their identity with an OTP or PIN code.
This then creates a genuine association between user and phone number. The ubiquity of the mobile device, and the convenience of its utility as a one-time-use passcode device, enables businesses all over the world to take advantage of the intersection of convenience and security.
There are also some added security measures that one can implement with mobile phone authentication:. If the user is genuine, this should be enough time for them to get the code from the phone and input it back into the service or application. This can reduce the window a fraudster has to auto generate enough combinations of OTP or PINs to try and gain unauthorized access to the application.
Virtual numbers are numbers without a directly associated telephone line. As it can be determined whether a user is providing a mobile, landline or virtual number e. This will reduce the chances of fraud as the user will need to have a phone associated with the mobile number. If a fraudulent user is approved, security is immediately compromised.
Allowing the user to opt for mobile phone authentication every time they log into your service or application will provide them with an extra layer of security. It is similar to offering someone an extra padlock on their door so that anyone who tries to break in will have more hurdles to get through. For example, Twitter has an opt-in login verification feature where the user is sent a code every time they sign in to twitter. Therefore, it is recommended to add another layer of security such as mobile phone authentication to this process.
How your phone number became your mobile identity
It is important to add another authentication layer when a user makes upgrades or account changes as these may potentially have a significant impact. Imagine an instance when a child tries to make purchases without consent. Mobile phone authentication will allow the parent to be notified of the attempt before they unknowingly get stuck with a big bill at the end of the month.
This use case is similar to mobile phone authentication on login. However, not everyone will want to enter a code every single time they log into an application, especially if the service is one that supposedly offers convenience e. An access level value L A u s e r was used for each user class, which represented the level of access privileges assigned to a user class. Generally, a higher value of the access level for a user class means that a user belonging to that specific class is allowed to access more data and information as compare to the users belonging to a user class with lower access level value.
Therefore, the access level value was assigned to each user class in such a way that the authenticated user class had the maximum value, the impostor user class had the minimum value, and the supplementary user class had a median value for this access level, i.
Using your phone number to authenticate your mobile identity
This access level value was calculated on the basis of R m i n using Equation The values were assigned to L A u s e r according to the following criteria:. The classification score was calculated on the basis of the access level value assigned to a user class, weight of the activity recognized W A r and the maximum normalized probability P N m a x , as given in Equation The classification score was scaled to a different range of values, depending upon the value of maximum normalized probability, according to the following criteria:. It can be observed from Equations 15 to 17 that even for the same value of the normalized probability across different user classes, the classification score will be different.
If the weight of the activity recognized W A r is considered as close to 1, and a median value of 0. Two threshold values, i. These threshold values were calculated as given in Equations 18 and These threshold values discarded the normalized probability values that were obtained corresponding to the conditional probability values less than P L m a x because these values had no effect on user classification. It can be seen from Equations 14 to 19 that the classification score and the threshold values are dependent on the value of R m i n.
- Computer Monitoring Software Cheating Spouse.
- Easy Way to Track agps Android phone Spy.
- Authentication of Smartphone Users Based on Activity Recognition and Mobile Sensing.
- A second check?
- File Extensions and File Formats?
- Call Tracker App for Android.
- How to See Your Wifes Phone Without Jailbreak.
Any change in the value of R m i n will result in a change in the classification score. The threshold values are computed in such a way that upon any change in the value of R m i n , these values will get updated according to the new classification score to avoid any significant change in the user classification results. While testing user classification, a median value, i. The classification score and the threshold values were then computed accordingly. It can be observed that the difference between these threshold values, i.
If a maximum value is taken for R m i n , the difference between these threshold values becomes least. Conversely, if R m i n is assigned a minimum value of 0. In both these cases, the results of user classification may not be proficient because the margin between these threshold values and the classification score will either become too small or too large, which may influence the user classification results. Hence, a median value of R m i n is more suitable for efficient user classification.
For the purpose of smartphone user authentication, the proposed framework utilized activity recognition and user classification. The user classification was performed by means of activity recognition.
1. Introduction
To evaluate the performance of the proposed scheme, the experimental results are presented in two different sections separately for activity recognition and user classification. Following sections discuss these results. These classifiers were selected because they have been used in the state of the art for activity recognition [ 20 , 21 , 25 , 59 ]. To ensure fairness in activity recognition results, a fold stratified cross validation scheme was used for evaluating the performance of these classifiers. Hence, all activity traces in the dataset were split randomly into 10 sets, and iterated 10 times in such a way that every set of data was selected to use for testing and remaining sets were employed for training of the classifiers.
Only the average results of all 10 repetitions are included in this section. The kappa statistic is a measure that is independent of the total number of classes and the number of samples per class. These performance metrics are evaluated for all four classifiers selected for activity recognition, and the results of activity classification are computed separately for all five body positions selected in this study. It can be observed that the individual classification accuracies of standing, running, and sitting activities are higher irrespective of the classifier and the body position.
Thus, it can be said that these activities are more easily recognizable than other selected activities. Thus, the readings of smartphone inertial sensors are different. The classification of walking, walking upstairs, and walking downstairs activities is position dependent, and gives better results if the smartphone is placed in the left or right jeans pocket. All six activities are recognized with higher individual accuracies when classified with SVM and BN classifiers.
Table 5 shows the performance parameters of the selected classifiers for activity recognition at five different body positions. Table 6 shows the average values of individual performance metrics for all selected classifiers. It can be seen that the overall average values of accuracy rate, kappa statistic, and f-measure are higher and comparable for SVM, BN, and DT classifiers. However, K-NN provides lower accuracy rate along with lower kappa statistic and f-measure values.
The average accuracy rate for SVM classifier is The average accuracy rate of BN classifier is 0. Performance metrics of the selected classifiers for activity recognition at five body positions. Another important performance metric for evaluating the performance of these classifiers is their computational complexity, which effects the time taken by each classifier for building training model and performing classification. Figure 6 shows a comparison of the computational time taken by the selected classifiers for activity classification.
It can be observed that K-NN classifier takes less time as compare to all other classifiers. The time taken by SVM classifier for activity classification is The time taken by DT classifier for activity classification is On the basis of the results discussed above, it can be said that the overall performance of Bayes Net classifier in classifying the selected activities is better than other classifiers performance. Although, SVM provides the best accuracy rate for activity classification, but its error magnitude is also quite higher.
On the other hand, the BN classifier provides an accuracy rate that is comparable to the accuracy rate of SVM classifier, but its error rate is very small. Also, the SVM classifier is computationally expensive, and it takes significantly more time for building a training model and performing classification. As a smartphone is equipped with limited processing power, memory, and storage, therefore, it is not feasible to use SVM classifier for on-device activity classification in real-time.
- Gizmoquip SMS Tracker for iPhone Review.
- Facebook Hacker App for Android Stern Tv.
- Monitor Someones Facebook Secretly for iPhone.
- Get Boyfriends or Husbands Viber Text Messages Without Jailbreak.
Otherwise, the battery power will be drained quickly, and the output will be delayed because of the extensive computational time taken by SVM classifier for classification. Bayes Net classifier is based on a probabilistic model that is computationally very simple [ 39 ]. Hence, it takes less time in building and updating the training model, and performing on-device activity classification in real time.
This suggests the Bayes Net classifier as an optimal choice for online activity recognition using smartphone sensors. The user authentication was done by means of user classification based on activity recognition. For user classification, three user classes were considered, including authenticated, supplementary, and impostor class. However, there were no user class labels for the participants in the dataset. Our idea was to utilize the dataset for learning the activity patterns of different users or a set of users.
For this reason, the users in the dataset were randomly divided into three folds, i. Fold-1 and Fold-2 represented the sets of users belonging to the authenticated and supplementary classes, respectively, whereas Fold-3 contained the set of users belonging to the impostor class. Five different scenarios were taken for the distribution of 10 users among these folds, as shown in Table 7. For each scenario, all possible permutations of the users were applied on three folds iteratively in such a way that every user became a part of each fold at least once.
For this purpose, each fold of data representing a specific user class was randomly partitioned into two independent sets, i. For every user class, the authentication model was trained to recognize six selected activities performed by the user while carrying the smartphone at five different body positions. The research work in [ 20 , 21 , 58 , 59 ] showed that a time interval of 4—5 s is sufficient for the recognition of a physical activity, considering a sampling rate of 50 Hz.
For this purpose, the user authentication model was trained to identify a user with the activity duration of 5 s. During testing of user classification, the selected features were extracted from testing data over a data segment of 5 s in time, having samples at a rate 50 Hz. The activity performed by the user was recognized based on these extracted features. After that, the recognized activity and the extracted features were passed to the user authentication model.
The probabilistic scoring model was applied on the extracted features to calculate classification score on the basis of Euclidean distance between different feature vectors, using Equation A median value of 0. The user was classified as authenticated, supplementary, or impostor based on these threshold values.