Work In Progress: A New Approach of Changeable Password for Keystroke Dynamics Authentication System on Smart Phones

Since the functionality of cell phones is getting more powerful, the relative security issues of cell phones become extremely important. Most of subscribers use personal identification number (PIN) codes which combined with 6-8 numbers to protect their Subscriber Identity Module (SIM) cards from illegal accesses. But it is easily to be decoded by the shoulder surfing attack. Many studies have employed keystroke dynamics to protect the PIN code, and the relative results exhibit that keystroke dynamics can indeed improve the security of a PIN code. However, the traditional keystroke dynamics-based authentication (KDA) system has to collect user’s keystroke dynamics firstly and then produce a unique personal biometrics. It’s inconvenient for users when changing their PIN codes is required, because the corresponding KDA systems have to be retrained. To solve the above-mentioned drawbacks, this paper proposes a novel technique allows users can change their PIN codes anytime without any extra retraining. It not only enhances the security of the simple PIN codes but also enriches the user confidence of accessing e-bank, buying stocks, paying credit card bill and other service via cell phones. Conducted experiment results show that the proposed approach can effectively improve the KDA system to distinguish legitimate users and impostors even when users change their original passwords.