This project aims to effectively evaluate all available sensor data embedded within a mobile device for a transparent authentication system using machine learning.

Mobile phone has become a method used by most people daily to store and process private and sensitive information. To secure information stored on mobile phones, different forms of authentication methods (knowledge-based and tokens) are currently in use. Most of these forms of mobile phone authentications in use pose certain drawbacks that are either easy to circumvent or cumbersome to use (Feng, 2015). As a result, new forms of mobile phone authentication are being proposed to mitigate some of these drawbacks. Mobile phone-based biometric is one of the new forms of authentication. Mobile phone sensors can be harnessed to offers a wide range of solutions for authentication. This work focused on analysing and evaluating mobile phone sensors for an explicit and transparent user authentication process. In this project, LG mobile phones were used to extract data from thirty (30) participants. The mobile phone sensors that were used included gyroscope, accelerometer, linear accelerometer, proximity sensor, gravity sensor, GPS sensor, magnetometer and the rotation sensor. A supervised machine learning algorithm was applied after feature extraction with Feedforward Neural network for the data classification. An EER within the range of 31%-43% is achieved using 30 participants.

There has been an increased number of smartphone users in recent years all over the world. In a research released by datareportal, the world population stands at 7.1billion people, and there are about 2.71billion smartphone users, accounting for almost every third person worldwide owns a smartphone (datareportal, 2019).

Smartphones and tablets have become essential for accessing social media applications, emails, cloud computing, banking applications and several other utility applications (Fudong et al., 2014). Users also store essential information such as pictures, contact numbers, schedules and several other personal information in smartphones (Feng, 2015).

Along with the increased number of smartphone users, security and privacy threats come into play, smartphone applications such as banking applications require a high level of confidentiality. As such, it is essential to secure data stored on mobile phones (Fudonget al., 2014).

According to The Telegraph, in 2018, an average smartphone user uses their phone at least once in every twelve (12) minutes (Hymas, 2018). As smartphones are meant for recurrent and quick use, it is now essential to maintain the privacy of sensitive information and data in these devices by using non-intrusive but fast and more accurate authentication methods (Muhammad et al.,2017).

Unfortunately, most widely used authentication methods such as PINs, passwords, pattern locks, fingerprint scans require a user to interact with the phone actively and put in some information or draw sophisticated patterns on touch screens before a user is authenticated, this is frustrating for smartphone users authentication (Muhammad et.al., 2017). Using human behavioural patterns to continuously and implicitly authenticate mobile phone users using inbuilt mobile phone sensors addresses most of the issues of authenticating a smartphone with little or no effort (Muhammad et al., 2017). The accuracy of biometric authentication increases with the use of more than one biometrics. Analysing and evaluating mobile phone sensors would enable thorough research on biometric and contextual data which is suitable for combination for a multi-biometric transparent and continuous user authentication.

The Scope of this project includes extracting data from mobile phone sensors while users are performing controlled activities such as walking, sitting and standing and analysing the sensor data suitability for user authentication.

This project aims to effectively evaluate all available sensor data embedded within a mobile device for a transparent authentication system using machine learning.

The objectives of this project are to:

i. Identify the available sensors in mobile devices and data which can be extracted from theses sensors.

ii. Carry out a feasibility study on suitable features to use for classifying the sensor data.

iii. Conduct a performance evaluation of the extracted data’s suitability for transparent user authentication.

According to the Oxford English dictionary, authentication is a process or action of proving the Genuity or validity of something, and in computing, authentication is the process or action or verifying the identity of a user or process.

Mobile Phone authentication is used to verify the identity of a user using one or more authentication methods on a mobile device (Rouse, 2015).

Rouse (2015), explained that mobile phone authentication methods are generally divided into two sections, which are either the knowledge or biometric-based user authentication.

The knowledge-based mobile phone user authentication method is based on what the user knows. Forms of knowledge-based authentication methods are listed below:

• Text-based passwords

• Picture based password

• Pins or alphanumeric password

Biometric-based user authentication is also divided into two sections:

Physiological (what you are)

• Face recognition

• Iris recognition

• Fingerprint scanners

Behavioural (what u do)

• Gait

• Voice recognition,

• Keystroke

• Signature

Authentication methods can further be categorised based on the number of techniques used for authenticating a user (Reham, 2014). A single factor form of authentication uses only one form of authentication to authenticate a user such as using only passwords or using only fingerprint biometrics while a two factor or multimodal form of mobile phone authentication uses the combination of two or more authentication methods to authenticate a user such as the combination of password and face recognition (Reham, 2014).

Knowledge-based or biometric forms of authentication can be done either implicitly or explicitly (Hassan, 2015). Implicit authentication uses the behavioural form of biometric authentication to provide a continuous authentication process while the explicit form of authentication is when a user intentionally performs a task to be authenticated, for example, physiological and knowledge-based form of authentication (Hassan, 2015)