If you’re like most people, you’ve been locked out of a few accounts due to password issues. Whether that’s because you forgot your password or you can’t remember the answer to your security question, this can easily lead to an important account being permanently lost. Fortunately, typing biometrics technology makes it possible to ensure that your website users never have to face this distressing problem.
Pros and cons of typical online self-service recovery
Right now, your accounts are most likely backed up by a secondary verification process such as a security question, backup email or SMS. The main pro of online self-service recovery is, of course, that it can be used quickly to re-access an account if you lose your password.
This works well if someone is able to remember the answers they’ve provided, but sometimes memory erodes or answers change after an extended period of time. For example, is your current favorite movie the same as it was five years ago? If not, you could lose access to your account because you enter the wrong title during secondary login verification or while trying to reset your password.
Regardless of the pros and cons, online self-service recovery related to security questions and SMS is extremely common. Sites including online banking, social media and SaaS services rely heavily on this particular password recovery method, even though it has heavy flaws.
Biggest flaw associated with the typical account recovery process
Not only is it easy for people to forget their passwords and the answer to their security questions, especially if they don’t have to enter them frequently, but it’s also possible for information to be spoofed. For example, if your site uses SMS as a secondary verification method for password recovery, it’s possible for social engineering hackers to steal someone’s account.
This is a tremendously large flaw that opens the door for cybercriminals and gives your company a greater liability risk. The good news is that you no longer have to worry about alienating customers by making their data easily accessible to cybercriminals.
Typing biometrics minimize the problem and the risk
TypingDNA’s co-founder lost control of his Skype account when the password recovery process went askew. Although it was truly his account, there were some discrepancies due to the passage of time eroding the necessary information from his memory. This is one of the things that inspired us to look for a better way to verify logins and aid people with account recovery.
Typing biometrics have many advantages over security questions, SMS or an alternate email address. The prime advantage, though, is that no one needs to remember any secondary information to access or recover their account. Instead, users can be recognized and verified by providing a random typing sample.
Something as simple as typing a bit of text may seem riskier than other second-factor authorization or account recovery options, but there’s a lot more to typing biometrics than simply inputting some text. In fact, the beauty of behavioral biometrics is that the system learns how each user utilizes their keyboard.
In other words, behaviors such as typing speed, tabbing preferences and even typical hesitations are monitored constantly and can be used to determine if the right person is accessing an account. This offers instantaneous verification that’s secure for your users and enables you to know that the appropriate people are utilizing the password recovery feature.
Avoiding social engineering hacks with typing biometrics
Being able to verify someone’s identity with an easy process that can’t be lost is invaluable. It gets even better, though, when you realize that someone’s typing pattern isn’t transmissible. In other words, companies that switch to TypingDNA for account verification and password recovery greatly minimize the risk of fraudulent access.