Abstract
On-demand ride and ride-sharing services have revolutionized the point-to-point trans- portation market and they are rapidly gaining acceptance among customers worldwide. Alone, Uber and Lyft are providing over 11 million rides per day (DMR, 2018a,b). These ser- vices are provided using a client-server infrastructure. The client is a smartphone-based application used for: (i) registering riders and drivers, (ii) connecting drivers with riders, (iii) car-sharing to share the expenses, minimize traffic congestion and saving traveling time, (iv) allowing customers to book their rides. The server typically, run by multi-national com- panies such as Uber, Ola, Lyft, BlaBlaCar, manages drivers and customers registrations, al- locates ride-assignments, sets tariffs, guarantees payments, ensures safety and security of riders, etc. However, the reliability of drivers have emerged as a critical problem, and as a consequence, issues related to riders safety and security have started surfacing. The lack of robust driver verification mechanisms has opened a room to an increasing number of misconducts (i.e., drivers subcontracting ride-assignments to an unauthorized person, reg- istered drivers sharing their registration with other people whose eligibility to drive is not justified, etc.) (Horwitz, 2015; USAtoday, 2016). This paper proposes DriverAuth –a novel risk-based multi-modal biometric-based au- thentication solution, to make the on-demand ride and ride-sharing services safer and more secure for riders. DriverAuth utilizes three biometric modalities, i.e., swipe, text-independent voice, and face, in a multi-modal fashion to verify the identity of registered drivers. We evaluated DriverAuth on a dataset of 10,320 samples collected from 86 users and achieved a True Acceptance Rate (TAR) of 96.48% at False Acceptance Rate (FAR) of 0.02% using En- semble Bagged Tree (EBT) classifier. Furthermore, the architecture used to design Driver- Auth enables easy integration with most of the existing on-demand ride and ride-sharing systems.