RiderAuth: A cancelable touch-signature based rider authentication scheme for driverless taxis

Sandeep Gupta, Kiran Raja, Fabio Martinelli, Bruno Crispo

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)


Driverless taxis are now closer to their worldwide launch, however, unsupervised physical access to the riders can pose unexpected safety and security risks to the connected and autonomous vehicle’s ecosystems. Thus, the need for human-to-machine authentication in driverless settings cannot be disregarded to maintain their smooth operations. In this paper, we propose a first rider authentication scheme, RiderAuth, using touch-signature behavioral biometrics to authenticate customers before they commence their ride in driverless settings. We also propose a template protection scheme for finite length touch-signature features using a random orthogonal projection method to address biometric template leakage. We design Android-based client and Cloud-based server prototypes to evaluate both the security and usability of our proposed scheme. We collect a new database of 1800 touch-signatures samples from 30 users in an unsupervised field experiment for two weeks. RiderAuth achieves a True Acceptance Rate (TAR) of 96.66% at False Acceptance Rate (FAR) of 0.01% without template protection and a TAR of 94.88% at FAR=0.01% with proposed template protection scheme. Subsequently, we implement a d-prime weighted score-level fusion to further enhance RiderAuth’s accuracy. We evaluate the unlinkability and revocability of the proposed template protection scheme to verify its suitability for authenticating riders in a privacy preserved setting. In addition, we conduct a survey to evaluate user acceptance of our proposed scheme using the System Usability Scale (SUS) where we get a score of around 70% suggesting a positive experience and acceptance of RiderAuth.
Original languageEnglish
Article number103357
Number of pages12
JournalJournal of Information Security and Applications
Early online date25 Nov 2022
Publication statusPublished - Dec 2022
Externally publishedYes


Dive into the research topics of 'RiderAuth: A cancelable touch-signature based rider authentication scheme for driverless taxis'. Together they form a unique fingerprint.

Cite this