BioTouchPass: Handwritten Passwords for Touchscreen Biometrics

TL;DR

This paper proposes a biometric authentication system using handwritten digits on touchscreens, demonstrating its effectiveness and robustness, and providing a new dataset for research, with promising error rates for secure deployment.

Contribution

Introduction of BioTouchPass, a touchscreen biometric system using handwritten digits, along with a new dataset and benchmark results for authentication performance.

Findings

Achieved approximately 4.0% EER in biometric verification.

Demonstrated robustness with increased password length and samples.

Provided a new dataset for online handwritten digit biometrics.

Abstract

This work enhances traditional authentication systems based on Personal Identification Numbers (PIN) and One-Time Passwords (OTP) through the incorporation of biometric information as a second level of user authentication. In our proposed approach, users draw each digit of the password on the touchscreen of the device instead of typing them as usual. A complete analysis of our proposed biometric system is carried out regarding the discriminative power of each handwritten digit and the robustness when increasing the length of the password and the number of enrolment samples. The new e-BioDigit database, which comprises on-line handwritten digits from 0 to 9, has been acquired using the finger as input on a mobile device. This database is used in the experiments reported in this work and it is available together with benchmark results in GitHub. Finally, we discuss specific details for the deployment of our proposed approach on current PIN and OTP systems, achieving results with Equal Error Rates (EERs) ca. 4.0% when the attacker knows the password. These results encourage the deployment of our proposed approach in comparison to traditional PIN and OTP systems where the attack would have 100% success rate under the same impostor scenario.