Browse Prior Art Database

System and Method for Touch-based Authentication of Mobile Device (Focus Area: Human Interaction)

IP.com Disclosure Number: IPCOM000216054D
Publication Date: 2012-Mar-21
Document File: 4 page(s) / 79K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a system and method for touch-based authentication of a mobile device. The system incorporates a user code comprised of a series of recognizable taps on the touch screen.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 43% of the total text.

Page 01 of 4

System and Method for Touch-based Authentication of Mobile Device (Focus Area: Human Interaction)

Touch screen devices such as smart phones and tablets are widely used in day-to-day activities for both business and personal use. These activities include checking personal email, making online secure purchases, accessing corporate confidential data, and more. Similar to a laptop, security and access control are heavily guarded at the entry to the operating system (i.e., logon to the laptop, or logon to the phone). Once a user is on the operating system (OS), the web browser and the applications (e.g., the Virtual Private Network (VPN) dialer) have probably stored the login information on the device; thus, gaining access to different web sites or a corporate network will not require a entering password again.

Traditional unlocking methods present significant usability and security weaknesses. A touch screen's lack of tactile feedback forces a user to look at the screen while unlocking the device. This demand significantly increases distraction, further constrains certain handicapped users, and limits the development of muscle memory (i.e., the human mind's ability to learn physical movements through repetition). Positive user experience is strongly tied to ease of muscle memory development. In addition, since there are a finite number of combinations on a virtual keypad or grid, a device may be unlocked in a finite time by an unintended user.

To logon to some touch screen devices, the user touches the screen to input a password or draw some patterns. This motion can be detected by observers, but, more significantly, drawing with one's finger on a touch screen leaves behind detectable oily smudges that reveal the pattern to the pass code. This leaves the device's pass code vulnerable to unintended users.

Prior art reveals some solutions to the issue of smudges on a handheld device being a security risk. These include methods to:


• Wipe the screen with additional, detractor smudges


• Reconfigure the entry screen so that the logon pattern is different


• Use an easy to clean screen protector and a screen cleaner


• Use "shaking" of the mobile device to form a pattern and provide instruction to the device


• Authentication via face recognition

Each of these solutions poses some inconvenience to the user or remains vulnerable to a breach in device security.

The disclosed solution provides an alternate authentication mechanism that reduces the security risk caused by drawing/pattern entry and smudges on the device's screen. The invention proposes the use of tapping on the touch screen as a pattern for authentication.

It is proposed that the entire height and width of the device touch screen display a

1


Page 02 of 4

single button and that the beat with which a user taps on the button is used as the pass code to unlock the device. The beat is defined as the period of consecutive times a user's fingertip is pressed upon the button and...