----------------------- REVIEW 1 --------------------- PAPER: 97 TITLE: Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication AUTHORS: (anonymous) [Short summary of paper's technical contributions] The authors propose to use touchscreen analysis as a discriminating device to obtain a behavioral biometric system in mode of continuous authentication; namely, the authors analyze strokes on a touchscreen. The authors design and carry experiments on a small group of volunteers. After that, they build a classifier systems and establish some biometric performance estimations (like EER). [Strengths of the submission] The paper is interesting and the experiment is carefully designed. Considerable number of aspects are discussed in the analysis. Such as the influence of instructor and variations in use of different smartphones. The authors also discuss the correlations between different features they analyze. [Weaknesses of the submission] The weakness of this submission is that this system does not provide any security improvement against even medium adversary (or at least this is not made clear in the paper). Actually, no attacker model is discussed. For example, if the device is stolen, the game is over and the data can be assumed lost. There are various ways to bypass the proposed system. Since the authors only consider slide/strokes to be of use in biometry, this system can be defeated by not using strokes (or using very small ones). One can argue the usefulness of this continuous authentication scheme, since the scheme is quite weak and it is not clear how and why it would be used in practice? For example, the paper should answer these questions: how long does it take to identify a malicious user? What should the scheme do in this case? The authours could at least try to get out of the biometry box and be more critical. Just discussing that the metrics are not based on the users who try to mimick the behavior of their victim isn't enough. Also, it would be nice to show some FRR/FAR ratios and examples of profiles. Providing kNN vs SVM analysis is maybe interesting but the models behave almost identically so perhaps one of them is sufficient. [Overall evaluation and importance] The idea itself is interesting and to my knowledge such analysis hasn't been done previously. The presented system is not secure, and it is not clear from the paper how such scheme would be used in practive. [Concrete questions for authors] Why did the authors discard the discussion on the different attackers? How exactly do the authors discard the strokes with a small displacement?