• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Home
  • Research Projects
  • Publications
  • People
  • Teaching
  • Media Outreach
  • News Archive

SPIES Lab, Computer Science and Engineering

Texas A&M University College of Engineering

Tap Biometrics

Transparently Authenticating NFC Users with Tapping Gesture Biometrics

The deployment of NFC technology on mobile phones is gaining momentum, enabling many important applications such as NFC payments, access control for building or public transit ticketing. However, (NFC) phones are prone to loss or theft, which allows the attacker with physical access to the phone to fully compromise the functionality provided by the NFC applications. Authenticating a user of an NFC phone using PINs or passwords provides only a weak level of security, and undermines the efficiency and convenience that NFC applications are supposed to provide. In this work, we devise a novel gesture-centric NFC biometric authentication mechanism that is fully transparent to the user. Figure below shows the high level overview of our system. Simply “tapping” the phone with the NFC reader – a natural gesture already performed by the user prior to making the NFC transaction – would unlock the NFC functionality. An unauthorized user cannot unlock the NFC functionality because tapping serves as a “hard-to-mimic” biometric gesture unique to each user. We show how the NFC tapping biometrics can be extracted in a highly robust manner using multiple – motion, position and ambient – phone’s sensors and machine learning classifiers. The use of multiple sensors not only improves the authentication accuracy but also makes active attacks harder since multiple sensor events need to be mimicked simultaneously. Our work significantly enhances the security of NFC transactions without adding any extra burden on the users.

The user gets authenticated just based on the uniqueness of his tapping gesture, a form of behavioral biometrics. The process is completely transparent to the user – no additional work is needed beyond what is currently done in NFC systems.

The user gets authenticated just based on the uniqueness of his tapping gesture, a form of behavioral biometrics. The process is completely transparent to the user – no additional work is needed beyond what is currently done in NFC systems.

People

Faculty

  • Nitesh Saxena

Student

  • Babins Shrestha (@UAB; PhD 2016; now Cybersecurity Professional at Visa)
  • Manar Mohamed (@UAB; PhD 2016; now Visiting Assistant Professor at Miami University)

External Collaborators:

  • Sandeep Tamrakar (@Aalto University; PhD 2016; now Software Engineer at Bitwards)

Publication

  • Theft-Resilient Mobile Wallets: Transparently Authenticating NFC Users with Tapping Gesture Biometrics
    Babins Shrestha, Manar Mohamed, Sandeep Tamrakar, and Nitesh Saxena.
    In Annual Computer Security Applications Conference (ACSAC), December 2016
    [pdf]

Recent News

  • “Neuro Security” work got a MURI award from AFOSR March 22, 2023
  • Paper accepted to Oakland 2023 March 14, 2023
  • Paper (conditionally) accepted to MobiSys 2023 February 27, 2023
  • Paper accepted to USENIX Security 2023 February 21, 2023
  • 2 full papers accepted to WiSec 2023 January 30, 2023
  • Cybersecurity Program Led By Dr. Saxena Ranks Best! January 26, 2023
  • EarSpy in Media January 26, 2023
  • Dr. Saxena is a Co-PI on Thematic AI Lab November 28, 2022
  • Paper accepted to PMC 2022 November 28, 2022
  • Paper accepted to ICISC 2022 November 28, 2022
  • A New Grant from NSA October 17, 2022
  • Dr. Saxena appointed as a Dean’s Research Fellow October 17, 2022
  • Dr. Saxena to lead a new SaTC Medium project on Election Security July 16, 2022
  • SPIES Lab’s 12th PhD Graduate — Anuradha Mandal July 16, 2022
  • SPIES Lab’s 11th PhD Graduate – Payton Walker July 6, 2022
  • Two papers accepted to PST 2022 June 9, 2022
  • Paper accepted to ICDCS 2022 April 4, 2022
  • Paper accepted CHIL 2022 March 19, 2022
  • 2 papers accepted to WiSec 2022 March 19, 2022
  • Paper accepted to EuroS&P 2022 February 12, 2022

© 2016–2023 SPIES Lab, Computer Science and Engineering Log in

Texas A&M Engineering Experiment Station Logo
  • College of Engineering
  • Facebook
  • Twitter
  • State of Texas
  • Open Records
  • Risk, Fraud & Misconduct Hotline
  • Statewide Search
  • Site Links & Policies
  • Accommodations
  • Environmental Health, Safety & Security
  • Employment