Mobile communication devices are pervasive in today's society. As a result, users store, access, and run applications with access to sensitive personal or professional data. For example, a user may access a bank account via their mobile device, and the mobile device often stores account numbers, login credentials, and other data needed for accessing the bank account. As another example, a user may access their work email messages via stored login credentials.
To prevent unauthorized access to a mobile device, and thus the sensitive data, security measures that restrict access to the mobile device are employed. One such measure is requiring a user to enter a passcode as a condition precedent to accessing the mobile device. Another measure involves employing a fingerprint scanner on the mobile device, and collecting a biometric data sample each time a user attempts to access the mobile device. Yet another security measure involves the use of facial recognition in lieu of a passcode.
These measures, however, are not secure, provide a poor user experience, and/or subject to spoofing. That is, passcode entry often fails to provide a high level of access security as passcodes are easily hackable. Furthermore, security measures, such as fingerprint scanning, require the addition of costly hardware not generally found on mobile devices, and may result in an overly cumbersome user access experience. Finally, facial recognition analysis can be spoofed with still images, or video, of a user with access to the mobile device. Although liveness checks requiring users to blink or use facial expressions may be included in facial recognition analysis based approaches, these approaches can still be spoofed with videos of the user with access to the mobile device, and are inconvenient to users seeking access to the mobile device.