1.

Introduction

This crazy usage of smartphones has led human being to some serious issues that
worldwide mobile connections have increased than the number of people. There are more
than 9.32 billion mobile connections worldwide. The net difference between world
population and worldwide mobile connections is 1.58 billion which is quite alarming
(GSMA, 2019).

1.1 Problem Formulation

The persisting and penetrating problem of security threats in android apps has grabbed
attention of many scientist and researchers to develop such methods which may make social
media apps secure in android environment. The present research is a contribution to solve this
issue. This research is based on developing a framework for securing social media
applications by applying biometric identification. This research will utilize MVVM, MVP
and MPC techniques which will identify the three traits of biometric identification i.e.
fingerprints, facial expression and voice recognition. This combination of techniques will
lead to develop a more secure framework for Asian countries. As in Asian countries Muslim
female are in habit of wearing veils so the voice and fingerprints may help them for securing
their information and assess them even with veil. This research is solely based on android
mobiles as they make up 75% of the worldwide smart phone market share in 2018
(Burroughs, 2019) .
The access guarantee towards different social media apps by the help of biometric
identification is more users friendly and easy to opt as a more secure option for interaction
while conveying and sharing our personal information, for example chatting, vedio chatt,
conference calling, financial meetings, and interviews at Skype etc. In case of keeping
passwords and pattern we are always in fear of cracking our passwords in case of stolen
device as many people often use some common passwords or some people use save
passwords option for different websites like businessmen for their official email ids which
can be misused by any person if he/ she may have access to the device.

2. Related Work
(Asghar, Riaz, Ahmad, & Safdar, 2008) contributed to provide security to
confidential information present in mobile devices. They combine both methods i.e.
password and biometric authentication. The main theme of their model was that it
involved Decrypting only the required files leaving the rest of files encrypted which could

1
guarantee the secure access to the information using session and file management. They
concluded that the security level at authentication became relatively high through
bifurcation of the storage and verification process of login information both locally and
remotely. Additionally, model included the advantages of biometric to further support the
system security.
(Schlöglhofer & Sametinger, 2012) pinpointed that authentication protected
against unauthorized usage. Many operating systems of mobile devices used
authentication mechanisms. But they were either vulnerable in some situations or not user
friendly. They suggested a novel authentication system which fulfilled both the
requirements of security and usability. They analyzed existing authentication methods
and targeting attacks. The developed Android application Se-cureLock was a generic
authentication system, which presented PIN and password, but also a property-based
authentication method by use of NFC tags, and a novel image-based method called Ges-
turePuzzle. The application was examined and compared with other approaches for
security and usability. They concluded that the users found it a secure authentication
application.
(Bommagani, Valenti, & Ross, 2014) explained the computationally intensive
biometric recognition performance on a mobile device by unloading the actual
recognition process to the cloud. Their major focus was facial recognition. They provided
a description of systematic approach for dividing a recognition operation and a bulk
enrollment operation into multiple tasks. As far as biometrics is concerned, conserving
the privacy and security of biometric data was equally important. They explored the role
of cancelable pattern generation for providing privacy protection when biometric data
was stored in a cloud environment.
(Fathy, Patel, & Chellappa, 2015) investigated the effectiveness of methods
for fully-automatic face recognition in solving the Active Authentication (AA) problem
for smartphones. They documented the results of face authentication from videos
recorded by the front camera. The videos were acquired while the users were executing
different tasks under to capture the type of variations caused by the ’mobility’ of the
devices. Moreover, variations caused by the mobility of the device, other issues in the
dataset include partial faces, occasional pose changes, blur and face/fiducial point
localization errors. They evaluated still image and image set-based authentication
algorithms using intensity features extracted around fiducial points. The recognition rates
drop dramatically when enrollment and test videos come from different sessions. They
2
contributed in a way that they would make the dataset and the computed features publicly
available to help the design of algorithms that are more robust to variations due to factors
mentioned above.
(Patel, Chellappa, Chandra, & Barbello, 2016) illustrated that the increase in
the use of mobile devices had made human beings worried about the security and privacy
because the loss of a mobile device could compromise personal information of the user.
To cope up with this issue, continuous authentication systems were suggested in which
continuously monitoring of users was practiced after the initial entree to the mobile
device. They presented an overview of different continuous authentication methods on
mobile devices. They portrayed the merits and drawbacks of available approaches and
outlined promising avenues of research in this rapidly evolving field.
(Shafique et al., 2017) critically evaluated the attacks and the susceptibilities
in smartphones’ authentication mechanisms. A comparative appraisal of various
authentication techniques along with the usage of the different authentication methods
was discussed which led the end-user towards choosing the most appropriate and
customizable authentication technique.
(Yu, He, Zhu, Cai, & Pathan, 2018) described that the visual image of the face
could vary immensely. Face recognition got affected by illumination conditions, areas of
coverage, ages, etc., making facial recognition very unstable for authentication. They
propose a technique in which they employed IMEI (International Mobile Equipment
Identity) to apply the backstage hidden automatic identification authentication mode for
the user. The suggested scheme achieved good user experience and was capable to boost
the practicability of identity authentication. Moreover, compared to recent authentication
schemes, the suggested scheme did not require the transmission of sensitive data in the
authentication process, further improving security.
(Gupta, Buriro, & Crispo, 2018) pointed out that User authentication was the
first line of protection to prevent unauthorized entree to the smartphone. According to
them different schemes proposed by researchers lacked an important feature that was
usability. This paper provided a brief description of several types and ways of
authentication, planned and developed predominantly to safe the entree to smartphones
and efforts to simplify correlated buzzwords, with the incentive to support new
researchers in understanding the gist behind those concepts. They also explained the
assessment of existing user authentication schemes displaying their security and usability
issues.
3
 (Laka & Mazurczyk, 2018) explained new mobile authentication method based on an
Open ID connect standard and subscriber identity module card. The suggested solution
enabled users to contact websites, services and applications without the need to remember
passwords, responses or support of any equipment. It was evaluated from the users’
perspective from the security viewpoint. A comparison of two most popular existing
authentication schemes i.e. static passwords and SMS OTP (one time password) was also
presented. Results revealed that the new authentication scheme yielded better results than the
existing methods.
(Verdecchia, Malavolta, & Lago, 2019) found out that to properly architect Android apps was
still argued and subject to contradictory opinions usually influenced by technological hypes
rather than objective evidence. In this study a mixed-method empirical research design that
combined (i) semi-structured interviews with Android practitioners in the field and (ii) a
systematic analysis of both the grey and white literature on the architecture of Android apps
was presented. They systematically extracted a set of 42 evidence based guidelines helping
developers for architecting their Android apps.

2.1 Semantic Review in Tabular Form

Table 1 is presenting the summary of related work including major findings and
shortcomings.

Table 1: Summarization of Application of Biometric Identification System for Securing

Mobile Devices

Author Yea Problem Formulation Methodology Findings Shortcoming

r
M. Tayyab 2008 Provision of security to A model based on password based and Provision of better security in comparison Factors to improve
et. al. confidential information contained biometric identification to other systems local and remote
in mobile devices server verification at
real time
Roland 2012 Proposed a novel authentication Analyzed existing authentication An assessment of their approach showed Designing such
Schlöglhofer system which met both the methods and targeting attacks. The that many users still were not aware of the mechanism
Johannes requirements of security and resulting Android application Se- perils in using mobile devices and that authentication which
Sametinger usability. The application has been cureLock was a generic authentication they favor more usable approaches to may varies depending
evaluated and compared with other system, which offered PIN and more secure ones. on parameters like
approaches for security and password, but also a property-based period of inactivity or
usability. authentication method by means of last used application
NFC tags, and a novel image-based
method called Ges-turePuzzle.
Aruna Sri et. 2014 Designing a computationally focused on facial recognition, though Investigated the feasibility of secure incorporating
al. intensive biometric recognition the paradigm that could be applied to cloud-empowered mobile biometric improved
which could be performed on a other modalities. identification systems, and the metrics face recognition

4
 mobile device by offloading the use of parallel LBP facial identification established could be utilized as algorithms and
actual recognition process to the system benchmarks for future cloud computing multimodal
cloud. based biometric systems biometrics
Mohammed 2015 Investigated the effectiveness of A dataset of 750 videos was gathered Results showed that the recognition rates Development of
E. Fathy, methods for fully-automatic face over three sessions with different dropped dramatically when enrollment algorithms that are
Vishal M. recognition in solving the Active illumination conditions to capture the and test videos come from different invariant to mobility
Patel, Rama Authentication (AA) problem for kind of changes that were likely to be sessions. and yet do effective
Chellappa smartphones. present with mobile devices. computation
Examined still image and image set-
based authentication algorithms using
intensity features extracted around
fiducial points.
Maria 2016 It proposed a facial Employing Eigenfaces algorithm to The effectiveness of utilizing prototype Although the system
Rosario D. recognition security system Facial Recognition showed a robust produced positive
Rodavia in order to prevent unauthorized security and preventive measure for results but as time
Orlando entry of an individual. unauthorized access within goes it will become
Bernaldez an establishment. The used of ISO9126 obsolete in no time
Maylane characteristics for evaluation formed that’s why a lot of
Ballita positive results to the prototypes innovations are
effectiveness. required to be done to
maintain the trend of
the application.
Vishal M. 2016 Everybody is worried about the Provided an overview of different discussed the merits and drawbacks of
Patel et. al. security and privacy as the loss of a continuous authentication methods on available approaches and identified
mobile device could compromise mobile devices. promising avenues of research in this
Personal information of the user. rapidly evolving field.
To resolve it, continuous
authentication systems have been
proposed in which users are
continuously monitored after the
initial access to the mobile device.
Sandeep 2017 This paper surveyed various types Authentication types and ways Presented the assessment of existing user
Gupta, and ways of authentication, description authentication schemes exhibiting their
Attaullah designed and developed primarily security and usability issues.
Buriro, and to secure the access to smartphones
Bruno and
Crispo

2017 Analyzed the attacks and the Semantic review , collected different
Usman vulnerabilities in smartphones’ techniques Summarization comparative analysis of
Shafique authentication mechanisms. different authentication techniques for
et. al. smartphones

2018 Proposed a technique which used Designing technique based on blowfish It could enhance the practicability of
IMEI to apply the backstage hidden algorithm that used IMEI identity authentication. In comparison to
Yi Yu
automatic identification existing authentication schemes, the
et. al.
authentication mode for the user. proposed scheme did not require the

5
 transmission of sensitive data in the
authentication process, further improving
security.

Pawel Laka1 2018 Provided authentication method In order to evaluate user’s view on proposed an innovative authentication
· Wojciech which is based on an Open ID various authentication methods scheme which relied on the Secure
Mazurczyk1 Connect standard and subscriber a questionnaire was prepared and Element which is a SIM card. Performed
identity module card. distributed among 40 participants. experiments proved that the proposed
. They performed a security analysis authentication method can be very
with respect to all authentication comfortable and user-friendly The
solutions mentioned in paper to assess proposed solution enabled users to access
whether there are any major risks websites, services and applications
related to the proposed method without the need to remember passwords,
responses or support of any equipment.
Obtained results revealed that the new
authentication
scheme yielded better results than the
existing methods
Roberto 2019 This study aimed: (i) to illustrate A mixed-method experimental The main contributions of this study were:
Verdecchia, the state of the practice on research design that combined (i) semi- 1) interviews of 5 practitioners that
Ivano architecting Android apps and (ii) structured interviews with Android delivered qualitative information
Malavolta , to offer a set of evidence-based practitioners in the field, and (ii) a about architecting Android apps;
Patricia Lago guidelines for supporting systematic study of both the grey and 2) an organized analysis of the grey
developers while architecting white literature on the architecture of and white literature about
Android apps. Android apps. Specifically, starting architecting Android apps
from 5 interview transcripts and an 3) a set of 42 evidence-based strategies
initial set of 306 potentially-relevant for architecting Android apps
primary studies, through a thoroughly 4) the replication package of the study.
defined and replicable process, they
select 44 data points. They analyzed
each data point with respect to each
android app architect, pattern and
practice. The potential impacts on
quality were also examined.
Lastly, a set of 42 guidelines for
architecting Android apps was
analytically synthesized from the
acquired practices. The initial
guidelines were ordered around 4
themes including the most adopted
architectural patterns and principles
when developing Android apps (e.g.,
Model-ViewViewModel

3. Finding Research gap and our contribution

All the above mentioned researchers are lacking, ignoring and neglecting one common
feature that is universality or universal acceptability. They are not dealing humans as

6
social animals. They are not depicting man as social animal. As every society have some
norms and traditions. People follow those customs and interaction while using their social
media applications. The residents of Asian Society especially belonging to Muslim
society follow hija/ veil system while using their cell phones in public. So this is
shortcoming while using biometric identification for iris and facial recognition as females
may hide their eyes in some areas. Even in some areas women wear gloves. So we can’t
neglect a specific portion of females having this issue. So a combination of fingerprints,
voice scan and facial authentication is the approach which can deal all the persons in a
Muslim society. Many men in Muslim society wear beard so the fingerprint and voice
recognition would be a better option for them. So the present study would cover the
issues of all sections of society.
4. Scope of Research
Biometric identification is regarded as the most trustworthy tool for safe and secure
interaction in an android mobile. As many people share their personal information while
interacting over social media applications. The biometric system involves identification
and verification process which further enhances its applicability in modern era. Currently
a lot of organizations are using this method which is increasing its worth as well as
providing a wider spectrum of application field. Followings are the applications as listed
below
1- The Government of India has initiated the project ―UID for unique identity card of
each Indian in 2009. This card encloses iris scan fingerprint data of the person.
2- Several banks are implementing the use of biometrics traits for person authentication
in their ATMs in rural areas where persons are uneducated.
3- Iris scan technology is used for card less transaction with ATM.
4- London‘s Heathrow Airport has applied Iris scan technology for approval of
immigration of visitors.
5- A curfew enforcement system using voice-scan was implemented by the New York
City Department of Corrections. Bacob, a Belgian financial institution, became the
first European bank to deliver a system for customers to make protected transactions
by telephone (Nanavati, Thieme, & Nanavati, 2002).
6- In Australia, Timemac Solutions has used Nuance voice-scan and speech recognition
technology to allow stockholders to trade shares via telephone.

7
 7- In 1998, Ben-Gurion Airport in Tel Aviv, Israel, installed a system using hand-scan
technology to allow Israeli citizens to avoid lines when traveling internationally.
8- Retina-scan technology is best installed in high-security environment. In the mid-
1990s, the state of Illinois actually piloted retina-scan technology as a means of
preventing and identifying duplicate welfare recipients.
9- The other rarely used biometric technology is signature scanning.

The current study will engulf 4 major areas of biometric identification. i.e. iris
recognition, finger prints, voice recognition, face recognition etc. It will try to mitigate all
the deficiencies of previous researches by combining all techniques of biometric
identification i.e. by using multimodal biometric identification.

1. Purpose of Study
The study aimed to secure android mobile for each and every user by providing
multiple options for people for choosing their own convenient technique of biometric
identification from three options i.e. facial recognition, fingerprints and voice recognition by
using MVVM, MVP techniques.

Biometric system development for

Muslim society

Research gaps
Veil issue in facial and iris recognition
Beard issue in male
Lacking universality, Universal
acceptability

Our contribution Methodology

Feature Extraction
Focusing Asian especially Muslim technique MVVM,
Combined approach of facial,
society for resolving veil and Beard MVP
voice and finger print
issues recognition

8
Flow Chart 1: Proposed Framework for Biometric Identification in Muslim Society

6. References

2. Asghar, M. T., Riaz, M., Ahmad, J., & Safdar, S. (2008). Security model for the
protection of sensitive and confidential data on mobile devices. Paper presented at the
2008 International Symposium on Biometrics and Security Technologies.
3. Bommagani, A. S., Valenti, M. C., & Ross, A. (2014). A framework for secure cloud-
empowered mobile biometrics. Paper presented at the 2014 IEEE Military
Communications Conference.
4. Burroughs, E. W. (2019). Pocket Sized Threats: Discussing Malware Attacks on
Android Smartphones. Utica College.
5. Fathy, M. E., Patel, V. M., & Chellappa, R. (2015). Face-based active authentication
on mobile devices. Paper presented at the 2015 IEEE International Conference on
Acoustics, Speech and Signal Processing (ICASSP).
6. GSMA. (2019). Definitive data and analysis for the mobile industry. GSMA
Intelligence, from https://www.gsmaintelligence.com/
7. Gupta, S., Buriro, A., & Crispo, B. (2018). Demystifying authentication concepts in
smartphones: Ways and types to secure access. Mobile Information Systems, 2018.
8. Laka, P., & Mazurczyk, W. (2018). User perspective and security of a new mobile
authentication method. Telecommunication Systems, 69(3), 365-379.
9. Nanavati, S., Thieme, M., & Nanavati, R. (2002). Biometrics: Identity Verification in
a Networked World: Wiley.
10. Patel, V. M., Chellappa, R., Chandra, D., & Barbello, B. (2016). Continuous user
authentication on mobile devices: Recent progress and remaining challenges. IEEE
Signal Processing Magazine, 33(4), 49-61.
11. Schlöglhofer, R., & Sametinger, J. (2012). Secure and usable authentication on
mobile devices. Paper presented at the Proceedings of the 10th International
Conference on Advances in Mobile Computing & Multimedia.
12. Shafique, U., Sher, A., Ullah, R., Khan, H., Zeb, A., Ullah, R., . . . Shah, M. A.
(2017). Modern authentication techniques in smart phones: Security and usability
perspective.
13. Verdecchia, R., Malavolta, I., & Lago, P. (2019). Guidelines for Architecting Android
Apps: A Mixed-Method Empirical Study. Paper presented at the 2019 IEEE
International Conference on Software Architecture (ICSA).
14. Yu, Y., He, J., Zhu, N., Cai, F., & Pathan, M. S. (2018). A new method for identity
authentication using mobile terminals. Procedia computer science, 131, 771-778.