EMAuth: A USABLE CONTINUOUS AUTHENTICATION SCHEME

Abstract

**Please note that the full text is embargoed until 05/12/2025** ABSTRACT: In recent years, wearables have become an integral part of daily life for most users. Wearables provide a seamless supplement to their main counterparts such as smartphones, and tablets. With the increasing prevalence of smart devices in a ubiquitous manner, protecting data has become a crucial aspect of security in all areas of life, as individuals can be vulnerable to such threats regardless of their location. As a security measure, authentication measures have been adopted. Traditional/ Legacy Authentication mechanisms such as TouchID, FaceID, and Password/PIN are incorporated into the everyday life of users. There also exists another mode of authentication known as continuous authentication, in which the identity of the user is continuously verified. In this study, we focus on continuous authentication. Existing state-of-the-art efforts on schemes either require sophisticated sensors, are not primarily focused towards mobile devices, or require a longer time for making a decision (due to behavior-based approaches). Furthermore, there is a lack of new deauthentication schemes thereof. To address these issues, we propose EMAuth which allows users to remain continuously authenticated by seamlessly observing their interactions with a smartphone/tablet. EMAuth is a continuous authentication scheme that verifies the identity of the user in a recurring manner, leveraging both a time-based based on the received electrical signals due to the user’s interaction with the screen from a wearable. To validate our scheme, we built a proof-of-concept prototype and conducted robust experiments to demonstrate high accuracy for both security and usability aspects and resistance to different attack scenarios.