Abstract
This paper presents an overview on the possible use of behavioral biometrics methods in mobile banking and payment applications. As mobile applications became more common, more and more users conduct payments using their smartphones. While requiring secure services, the customers often do not lock their devices and expose them to potential misuse and theft. Banks and financial institutions apply multiple anti-fraud and authentication systems - but to ensure the required usability, they must develop new ways to authenticate their users and authorize transactions. Answer to this problem comes with a family of behavioral biometric methods which can be utilized to secure those applications without hindering the usability. The goal of this paper is to describe potential areas in which behavioral biometrics can be used to ensure more secure mobile payments, increase usability and prevent frauds.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
- 2.
Profile of movement, based on unique traits that identify walk pattern specific for a user.
- 3.
Actually, the question of the extent of this privacy threatening behavior is always a trade-off, as banks e.g. keep customer actions which also contain potentially private information but if this information is used for fraud detection and widely accepted among users.
References
GSMA Intelligence: The mobile economy 2018 (2018). https://www.gsma.com/mobileeconomy/wp-content/uploads/2018/02/The-Mobile-Economy-Global-2018.pdf. Accessed 05 July 2018
Deloitte Center for Financial Services: 2018 banking outlook (2018). https://www2.deloitte.com/global/en/pages/financial-services/articles/gx-banking-industry-outlook.html. Accessed 05 July 2018
Visa: Annual digital payments study Europe 2017 (2017). https://www.visaeurope.com/media/pdf/45377.pdf. Accessed 05 July 2018
Visa: Annual digital payments study Poland 2016 (2016). https://resources.mynewsdesk.com/image/upload/thv1p2ep6thuchr66z6m.pdf. Accessed 05 July 2018
Fridman, L., Weber, S., Greenstadt, R., Kam, M.: Active authentication on mobile devices via stylometry, application usage, web browsing, and GPS location. IEEE Syst. J. 11(2), 513–521 (2017)
Hevner, A.R., March, S.T., Park, J., Ram, S.: Design science in information systems research. MIS Q. 28(1), 75–105 (2004)
Saeed, K.: Biometrics principles and important concerns. In: Saeed, K., Nagashima, T. (eds.) Biometrics and Kansei Engineering, pp. 3–20. Springer, New York (2012). https://doi.org/10.1007/978-1-4614-5608-7_1
Crawford, H., Renaud, K.: Understanding user perceptions of transparent authentication on a mobile device. J. Trust Manag. 1(1), 7 (2014)
Kałużny, P.: Behavioural profiling authentication based on trajectory based anomaly detection model of user’s mobility. In: Abramowicz, W. (ed.) BIS 2017. LNBIP, vol. 303, pp. 242–254. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69023-0_21
Gascon, H., Uellenbeck, S., Wolf, C., Rieck, K.: Continuous authentication on mobile devices by analysis of typing motion behavior. In: Sicherheit, pp. 1–12. Citeseer (2014)
Li, F., Clarke, N., Papadaki, M., Dowland, P.: Active authentication for mobile devices utilising behaviour profiling. Int. J. Inf. Secur. 13(3), 229–244 (2014)
Milton, L.C., Memon, A.: Intruder detector: a continuous authentication tool to model user behavior. In: 2016 IEEE Conference on Intelligence and Security Informatics (ISI), pp. 286–291. IEEE (2016)
Shi, E., Niu, Y., Jakobsson, M., Chow, R.: Implicit authentication through learning user behavior. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 99–113. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-18178-8_9
Gupta, S., Buriro, A., Crispo, B.: Demystifying authentication concepts in smartphones: ways and types to secure access. Mob. Inf. Syst. 2018 (2018). https://www.hindawi.com/journals/misy/2018/2649598/cta/
Saevanee, H., Clarke, N.L., Furnell, S.M.: Multi-modal behavioural biometric authentication for mobile devices. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IAICT, vol. 376, pp. 465–474. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30436-1_38
Bailey, K.O., Okolica, J.S., Peterson, G.L.: User identification and authentication using multi-modal behavioral biometrics. Comput. Secur. 43, 77–89 (2014)
Telesign: Beyond the password: the future of account security (2016). https://www.telesign.com/wp-content/uploads/2016/06/Telesign-Report-Beyond-the-Password-June-2016-1.pdf. Accessed 10 Sept 2016
Buriro, A., Crispo, B., Del Frari, F., Klardie, J., Wrona, K.: ITSME: multi-modal and unobtrusive behavioural user authentication for smartphones. In: Stajano, F., Mjølsnes, S.F., Jenkinson, G., Thorsheim, P. (eds.) PASSWORDS 2015. LNCS, vol. 9551, pp. 45–61. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29938-9_4
Xu, H., Zhou, Y., Lyu, M.R.: Towards continuous and passive authentication via touch biometrics: an experimental study on smartphones. In: Symposium on Usable Privacy and Security, SOUPS, vol. 14, pp. 187–198 (2014)
Kayacik, H.G., Just, M., Baillie, L., Aspinall, D., Micallef, N.: Data driven authentication: on the effectiveness of user behaviour modelling with mobile device sensors. arXiv preprint arXiv:1410.7743 (2014)
Ehatisham-ul Haq, M., Azam, M.A., Naeem, U., Amin, Y., Loo, J.: Continuous authentication of smartphone users based on activity pattern recognition using passive mobile sensing. J. Netw. Comput. Appl. 109, 24–35 (2018)
Wang, X., Yu, T., Zeng, M., Tague, P.: XRec: behavior-based user recognition across mobile devices. Proc. ACM Interact. Mob. Wearable Ubiquit. Technol. 1(3) (2017). Article no. 111. https://portalparts.acm.org/3140000/3139486/fm/frontmatter.pdf?
Alzubaidi, A., Kalita, J.: Authentication of smartphone users using behavioral biometrics. IEEE Commun. Surv. Tutor. 18(3), 1998–2026 (2016)
Guerra-Casanova, J., Sánchez-Ávila, C., Bailador, G., de Santos Sierra, A.: Authentication in mobile devices through hand gesture recognition. Int. J. Inf. Secur. 11(2), 65–83 (2012)
Bo, C., Zhang, L., Li, X.Y., Huang, Q., Wang, Y.: SilentSense: silent user identification via touch and movement behavioral biometrics. In: Proceedings of the 19th Annual International Conference on Mobile Computing & Networking, pp. 187–190. ACM (2013)
Li, L., Zhao, X., Xue, G.: Unobservable re-authentication for smartphones. In: NDSS, pp. 1–16 (2013)
Ngoc Diep, N., Pham, C., Minh Phuong, T.: SigVer3D: accelerometer based verification of 3-D signatures on mobile devices. In: Nguyen, V.-H., Le, A.-C., Huynh, V.-N. (eds.) Knowledge and Systems Engineering. AISC, vol. 326, pp. 353–365. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-11680-8_28
Sultana, M., Paul, P.P., Gavrilova, M.: A concept of social behavioral biometrics: motivation, current developments, and future trends. In: 2014 International Conference on Cyberworlds (CW), pp. 271–278. IEEE (2014)
Saevanee, H., Clarke, N., Furnell, S., Biscione, V.: Text-based active authentication for mobile devices. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds.) SEC 2014. IAICT, vol. 428, pp. 99–112. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55415-5_9
Damaševičius, R., Maskeliūnas, R., Venčkauskas, A., Woźniak, M.: Smartphone user identity verification using gait characteristics. Symmetry 8(10) (2016). https://doi.org/10.3390/sym8100100
Zahid, S., Shahzad, M., Khayam, S.A., Farooq, M.: Keystroke-based user identification on smart phones. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 224–243. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04342-0_12
Shahzad, M., Liu, A.X., Samuel, A.: Secure unlocking of mobile touch screen devices by simple gestures: you can see it but you can not do it. In: Proceedings of the 19th Annual International Conference on Mobile Computing & Networking, pp. 39–50. ACM (2013)
Zou, L., He, Q., Feng, X.: Cell phone verification from speech recordings using sparse representation. In: 2015 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), pp. 1787–1791. IEEE (2015)
Bayometric: Top five biometrics: face, fingerprint, iris, palm and voice. https://www.bayometric.com/biometrics-face-finger-iris-palm-voice/. Accessed 27 Aug 2012
Alotaibi, S., Furnell, S., Clarke, N.: Transparent authentication systems for mobile device security: a review. In: 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 406–413. IEEE (2015)
Wójtowicz, A., Joachimiak, K.: Model for adaptable context-based biometric authentication for mobile devices. Pers. Ubiquit. Comput. 20(2), 195–207 (2016)
Ayed, M.B.: Method for adaptive authentication using a mobile device. US Patent 8,646,060, 4 Feb 2014
Giuffrida, C., Majdanik, K., Conti, M., Bos, H.: I sensed it was you: authenticating mobile users with sensor-enhanced keystroke dynamics. In: Dietrich, S. (ed.) DIMVA 2014. LNCS, vol. 8550, pp. 92–111. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08509-8_6
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Kałużny, P. (2019). Behavioral Biometrics in Mobile Banking and Payment Applications. In: Abramowicz, W., Paschke, A. (eds) Business Information Systems Workshops. BIS 2018. Lecture Notes in Business Information Processing, vol 339. Springer, Cham. https://doi.org/10.1007/978-3-030-04849-5_55
Download citation
DOI: https://doi.org/10.1007/978-3-030-04849-5_55
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-04848-8
Online ISBN: 978-3-030-04849-5
eBook Packages: Computer ScienceComputer Science (R0)