Multi-factor authentication (MFA) is a good method that prevents fraudulent enrollment. We recommend using it from the start, during the registration process to ensure only the right user’s behavior is mapped to the account.
First user registration
New users of online platforms or services go through an initial registration by typing their login credentials: a username and password. During that step, when typing biometrics authentication is applied, the typing pattern is recorded in order to be matched against future samples. This way, only the user whose typing pattern was initially enrolled will have access to the account.
Why MFA prevents fraudulent enrollment
The question regarding fraudulent enrollment refers to who is the person who types during enrollment. Let’s say a hacker would be able to utilize a stolen email to register an account on a platform that applies typing biometrics as an authentication factor. This leads to the hacker having their typing pattern mapped to the stolen account. To prevent such circumstances, authentication should be based on one additional factor owned by the real user, such as one-time passcodes (OTP) via SMS or e-mail.
We recommend that there is an increased level of assurance (LOA) based on two-factor authentication (2FA), or multi-factor authentication (MFA), which is a solution that not only securely prevents fraudulent enrollment but it also safeguards against unauthorized account access.