As of September 2012, about 85% of American adults own a cell phone, with over half of them owning a smartphone. For the years of 2011 and 2012, the smartphone ownership increased dramatically. One difference between the smartphone and the traditional cell phone is the ability to download and use mobile applications (commonly referred to as apps) that match various interests of individual owners. As a result, the mobile apps market also experienced an explosive growth. The number of apps exceeded one million with significant (e.g., 20% or more) annual increase of apps in major online apps markets. With an average of 50 apps installed on each smartphone and a daily average of 1.4 hours spent on using the apps, the mobile apps and the app markets have become a significant part of people's daily lives.
Internet traffic offers a wealth of geo-location data that originates from a user input as well as location based services. For example, a user sends geo-coordinates to find a restaurant on Google© Maps, as well as a location-targeted advertisement (ad) sending geo-coordinates of a targeted region inside the ads' HTTP headers, etc. Among the steady influx of geo data items from diverse geo-location sources, some reports are related to point-of-interests (PoIs), while others may not correspond to interests, thus creating noise to interest extraction. Examples of such noises are geo data items originating from a user's casual swiping over Google© maps, driving on a highway, or sending weather alerts about random cities in a given state.
In today's highly computerized and interconnected world there are several instances in which people need to authenticate, i.e., proof their identity, to a computer in order to gain access to cyber or physical resources. Typical examples in the cyber space are accessing services provided by servers connected to the Internet or decrypting secure messages received through the Internet. Typical examples in the physical world are accessing restricted areas, such as an office space or a home or physical resources, such as unlocking a bicycle of a bike sharing service.
Existing methodologies are based on the possession of a unique identification token that ranges from a password, to a PIN number, to a secret or private cryptographic key, to a magnetic card, to a smartcard, to a RFID, to a pseudo random sequence generator, and/or to a combination thereof. All of these identification tokens suffer from a common weaknesses: if anyone other than the legitimate owner gets possession of the token, he/she can use it to fraudulently authenticate as the owner, thus gaining unauthorized and illegitimate access to services and resources restricted to the owner of the token.