State-of-the-art authentication does little to account for the way in which users interact. For example, knowledge-based authentication schemes such as PIN, lock patterns, or passwords were invented at times where people authenticated with very few devices and only a few times per day. At the same time, as a result of crowd services and smart devices, users today access sensitive information through 100 accounts on average and authenticate several hundres times a day. This leads to a significant overhead in authentication times and users are forced to use more passwords than they can remember.

In contrast, implicit authentication schemes hold a lot of promise as they can operate seemlessly in the background. In particular, we look at how knowledge about users' behavior can be leveraged to build authentication schemes that are both more usable and more secure. We are interested in the technical foundations of such schemes (How can we build suitable authentication models? How can we use them across applications and contexts?) and in the users' view (How can implicit mechanisms be built that preserve users' privacy? How can the acceptance of users' be increased?).

Publications

Here go the most important publications in this area.