Users usually authenticate to mobile devices before using
them (e.g. PIN, password), but devices do not do the same
to users. Revealing the authentication secret to a
non-authenticated device potentially enables attackers to
obtain the secret, by replacing the device with an
identical-looking malicious device. The revealed
authentication secret could be transmitted immediately to the
attackers, who can then conveniently authenticate to the real
device. Addressing this attack scenario, we analyze
different approaches towards mobile device-to-user (D2U)
authentication, for which we provide an overview of
advantages/drawbacks, potential risks and device
authentication data bandwidth estimations. We further
analyze vibration as one D2U feedback channel that is
unobtrusive and hard to eavesdrop, including a user study
to estimate vibration pattern recognition using a setup of
~7 bits per second (b/s). Study findings indicate
that users are able to distinguish vibration patterns with
median correctness of 97.5% (without taking training
effects into account) – which indicates that vibration
could act as an authentication feedback channel and should be
investigated further in future research.
@inproceedings{Findling_15_TowardsDeviceto,
  author = {Findling, Rainhard Dieter and Mayrhofer, Ren\'e},
  title = {Towards Device-to-User Authentication: Protecting Against Phishing Hardware by Ensuring Mobile Device Authenticity using Vibration Patterns},
  booktitle = {14th International Conference on Mobile and Ubiquitous Multimedia (MUM'15)},
  year = {2015},
  pages = {131--136},
  month = dec,
  publisher = {ACM},
  doi = {10.1145/2836041.2836053}
}