Broadly, biometrics represent uniquely identifying and measurable patterns in human interaction with a device. Keystroke dynamics is an additional layer of security that provides seamless, continuous user authentication virtually impossible to imitate due to the innate nature of its characteristics.
The solution, powered by machine learning algorithms, continuously monitors and improves its accuracy.It learns a wide variety of pattern elements of an individual and analyzes everything in the background, dynamically improving security.
The fist of the Sender – ally or enemy?
During World War II, military intelligence successfully identified the rhythm of morse code to distinguish allies from enemies. Even in the mid-1800s, based on the style they typed, telegraph operators’ identity could be revealed. What we are and how we interact with devices divulges a unique signature and, more importantly, our identity.
In the past decades, the development of keystroke dynamics has emerged slowly. Aided by the increasing power of computational machines, sophisticated algorithms are getting better at identifying the unique features of behavioral typing patterns. In the past five years, significant AI advancements allowed for the development of proprietary software to identify people by the way they type.
A nonlinguistic approach
In linguistic departments of world-renowned universities, ongoing research was done to determine the biological and psychological traits of users based on what they type. At TypingDNA, a nonlinguistic approach is used. TypingDNA’s algorithms are trained to analyze the dwell and flight times of the keys pressed by users as well as mobile sensory data on smartphones. However, it’s important to note that the typed content is never analyzed, stored, or used.
How we type is unique to who we are
The use of keystroke dynamics as a security measure may not be new, but recent technological developments have brought about some unique security benefits to this identification and verification method.
Keystroke dynamics can run into two modes: identification and verification. To be specific, the one-to-many mode aims to identify a user based on the previously collected data and profiles of all users. A pattern is matched against known templates to yield a score revealing the similarity between the pattern and the template. For ethical, security, and privacy reasons, this model shouldn’t be an option for anyone on the Internet.
At TypingDNA, we use the one-to-one mode to verify the user’s identity. The pattern is verified only by comparison with the user’s individual templates. The implementation flow will include an enrollment phase followed by the authentication of a user. We emphasize that typing patterns are at the core of TypingDNA’s ability to capture a person’s typing behavior. The process of capturing the typing biometric traits determines the quality and accuracy of the pattern recognition technology. Even so, just two enrollments are enough to create a user’s profile.
Same text and Any text.
The same text is a typing pattern that is used to authenticate a user comparing the enrollment pattern with the previous authentication attempts. Typical same texts captured for authentication are emails, usernames, passwords, first names, last names, phone numbers, credit card numbers, and short identical sentences. These use cases are for basic authentication scenarios such as 2FA or MFA, requiring a limited number of characters. (usually ten or less.)
Any text pattern refers to a more complex pattern of capture and recognition: the user authenticates while typing a different text than the one used for enrollment. Typical any texts can be categorized by emails, documents, or conversations. For high accuracy, TypingDNA’s algorithms can work with enrollment patterns’ length of usually 140 characters (or a Tweet long). The use cases may vary but the most common are for authentication in chatbots or document signature.
Typing biometrics are a secure and seamless authentication alternative. Most devices already have a keyboard. Therefore, the usage and adoption potential of keystroke dynamics is extensive. Once or if added as a second factor of authentication, typing biometrics represent one of the most viable options amongst behavioral biometrics.