Authentication by Gesture Recognition: a Dynamic Biometric Application

Benoit Ducray

Research output: ThesisDoctoral Thesis

407 Downloads (Pure)


With the expansion of digital information and the number of people potentially able to access it, there are increasing demands for efficient, secure systems which authenticate users effectively. At the end of the 1960’s, IBM defined three authentication factors: knowledge factor, which relates to ``something the entity knows''; ownership factor, relating to ``something the entity has/possesses''; inherent factor, which can be summarised as ``something the entity is or does''.

Each of these factors possesses its own limitations: knowledge factors can be forgotten or discovered by a fraudster; ownership factors can be lost, stolen or counterfeited. These nuisances have led to increased use of biometric authentication as a means of increasing security. However, conventional biometrics are static, so if compromised cannot be changed by the user. This has led to interest in techniques that authenticate using changeable multi-factor authentication measures that are influenced by biometrics, rather than being completely reliant on them. Investigating the practicality and security of such techniques provided the motivation for this research.

First we needed to identify these ``easily changeable biometrics'' and it led us to define a new biometric family, which we called the dynamic biometrics. We then studied the security characteristics of this new family.

Out of the dynamic biometrics, we chose to focus on one of these elements, authentication based on gesture recognition. We conducted several experiments to assess the ability of this authentication technique to authenticate the genuine user and reject any impostors, either if these impostors do not know the gesture or do random movements.

We continued by looking for a secure place to store the gesture recognition's template and run the application. We evaluated the possibility of doing that on a personal limited device, such as a Smart Card.

Then we designed a protocol to use a gesture recognition application which we analysed with respect to several threat vectors.
Original languageEnglish
Awarding Institution
  • Royal Holloway, University of London
  • Mayes, Keith, Supervisor
  • Price, Geraint, Advisor
Award date1 Dec 2017
Publication statusUnpublished - 2017


  • Biometrics
  • smart card
  • Dynamic biometrics
  • Gesture Recognition
  • Gesture authentication
  • Host Card Emulation
  • Dynamic Time Warping
  • Kinect
  • Leap Motion
  • Biometric
  • Dynamic biometric
  • microsoft kinect
  • passthoughts
  • fingerprint
  • Face recognition
  • voice recognition
  • biometric criteria

Cite this