CybersecurityNew technique identifies smartphone thieves in seconds
Three million phones were stolen in the United States. Ben-Gurion University of the Negev (BGU) researchers have developed a technique that identifies a smartphone thief or intruder in under fourteen seconds.
Ben-Gurion University of the Negev (BGU) researchers have developed a technique that identifies a smartphone thief or intruder in under fourteen seconds.
“While most people are confident that password protecting a phone is sufficient, they tend to choose familiar passwords that are easy to guess,” says BGU researcher Liron Ben Kimon. “With our approach, even if someone has the password, they can’t replicate a smartphone user’s unique behavior.”
Ben Kimon recently completed her M.Sc. in data mining and business intelligence in the BGU Department of Software and Information Systems Engineering supervised by Prof. Bracha Shapira, Prof. Lior Rokach, and. Yisroel Mirsky. She is now a data scientist at PayPal in Beer-Sheva’s Advanced Technologies Park adjacent to the University.
“What is new about this verification method is that the model evaluates the touch pattern sequence,” Ben Kimon says. “For example, smartphone users interact with their device while using Google differently than they might type a message, and we can detect that.”
Her verification model extracts information from a phone’s sensors to identify frequency, pressure and speed of touch combined with the application being used. The program also computes thirty seconds of recent history, such as which screens a user touched, which buttons were pressed and how much electricity was used.
The researchers culled information from twenty users over a two-week period to develop their model, which shows that unauthorized users can be identified in under fourteen seconds with less than thirty-five screen actions. On average, a user touches the screen thirty-five times in 13.8 seconds.
“A thief will almost certainly touch the screen more than thirty-five times to steal information because he is not familiar with an owner’s phone settings and apps,” Ben Kimon says. “The phone can learn the typical touch and sequence pattern, and lock out an unauthorized user to prevent data theft, or someone you don’t want peeking at your messages.”
Three million phones were stolen in the United States, and another three million were lost in 2013, according to Consumer Reports.
