People store more and more sensitive data on their phone and use it for sensitive services such as banking or e-commerce. To protect their personal data the phone has to ensure a certain level of security. Most often methods like passwords and PINs are used, but physiological biometrics are slowly gaining more attention too. Since the first mobile phone using a fingerprint sensor was introduced, many manufacturers followed suit and a lot of mobile devices contain a fingerprint sensor nowadays. Biometrics are more convenient for the user, since they can’t be lost, forgotten or mistyped. However, physiological biometrics are not exactly secret and can therefore be copied and presentation attacks can be carried out. Another alternative is using behavioural biometrics of a user. A person’s behaviour is significantly harder to capture or obtain without consent.
This thesis will propose a biometric system, using behavioural biometrics, to continuously authenticate a user. The design will be proposed with the modalities gait, location and Wi-Fi. The gait modality was implemented in a prototype on the iPhone to carry out a data collection with 20 subjects. This data collection was used to evaluate two machine learning classifiers: Support Vector Machine and Random Forest.