Smartphones and Biometrics: Gait and Activity Recognition

User authentication is a means of identifying the user and verifying that the user is allowed access to services or objects and is a very central step in many applications. People pass through various types of authentication services in their day-to-day activities. For example, to log on to a computer the user is required to know a secret password. Similarly, when turning on a mobile phone the user has to know a PIN code or a touch pattern. Some person authentication methods are based on human physiological or behavioural characteristics, such as fingerprints, face, or voice. Authentication methods differ in their strengths and weaknesses. PIN codes and passwords have to be remembered and gloves have to be removed before fingerprint authentication. Security and usability are essential factors in person authentication. Usability relates to the unobtrusiveness, user-convenience, and human-friendliness of the authentication method. Security is related to the robustness of the authentication method and vulnerability against attacks. Recent advances in microelectronic chip development allow user authentication based on gait (the way a person walks), using small, light, and low-cost sensors. One of the benefits of this is that unobtrusive person authentication through gait recognition is now possible by using mobile smart phones. Optimization of performance and a strong focus on security, while not ignoring usability, will lead to an increased protection of information on smart mobile devices through the use of gait recognition. The general aim of the research described in this thesis was to protect smart mobile devices against unauthorized access by using gait recognition based on the data collected from the sensors embedded in these devices. The effort was not only to develop new innovative algorithms to improve performance in gait recognition, but also to develop awareness on the usability of this method by focusing on activity recognition and continuous authentication, as well as assuring security against deliberate attackers