What is Key Stroke Dynamics

Authentication has traditionally relied on users producing one or more of something you know (such as a passwords or PIN), something you have (such as a number from an hard token key) or something you are (such as your fingerprints or face.)…. Behaviour-based biometrics, adds another factor to the mix: (“something you do”). Keystroke rhythm is a natural choice for computer security. This concept stems from observations that similar neuro-physiological factors that make written signatures unique are also exhibited in a user’s typing pattern.

When a person types, the latencies between successive keystrokes, keystroke durations, finger placement and applied pressure on the keys can be used to construct a unique signature (i.e., profile) for that individual. For well-known, regularly typed strings, such signatures or passwords this can be quite consistent.

Privacy – Keystroke dynamics : not what you type,
but how you type

No Passwords are stores during Authentication Process

The technology verifies two issues:
(i) are the credential correct?
(ii) is the way of typing it similar?

We do not store Users
chronological data of time stamp of keystrokes

How Applicable is it?

Furthermore, recognition based on typing rhythm is not intrusive, making it quite applicable to computer access security as users will be typing at the keyboard anyway. Application of such technology not only can be used in authenticating users but also to revolutionize insider-threat detection. Moreover, unlike other biometric systems, which may be expensive to implement, keystroke dynamics is extremely cost effective — the only hardware required is the keyboard.

What about User Training?

Ezmcom UBA biometric analysis is transparent to the user. enrollments can be collected over time as the user logs into the application. Should the organisation require its users to undergo an enrollment process It requires a simple, under 30 seconds – user enrollment instead of secondary passwords and extra verification codes,

Risk Scoring

UBA engine transparently authenticates the user by verifying that the current session behavior matches up with the established user profile created earlier. By comparing a login behavior in a current session with that of the registered one earlier, Ezmcom assess the likelihood of a login originating from a specific user with a certain threshold of acceptance. Ezmcom can behaviorally authenticate user logins, which drives down the number of failed step-up authentications, declined transactions and manual reviews, thereby, eliminating the need for users struggling to login or transact online to contact call centers. Additionally, we enable our customers increase their end user satisfaction which helps retain and grow the customer base. Ezmcom is at the cutting edge of the technology innovation and relies on the user specific subconscious patterns of behavior that emerge through repetitive human actions such as total sequence time (time it takes for the user to key in the whole string), flight times (time elapsed between 2 key downs) and key depressed times (time elapsed between key down and key up). With a reliable set of data to use and an acceptable threshold as a standard for each user, Ezmcom can then detect unusual behavior and identify it as a security risk. Relying on sophisticated machine learning and security algorithms, the Ezmcom technology builds up a unique profile of the user based on how they key in their passwords on the web. User authentication attempts that fall outside established behavior patterns can be denied or stepped up to Two-Factor authentication.

Simple security solutions such as passwords will always be undermined by simple hacking techniques. As such it’s important that industries – and in particular the financial and ecommerce industry – take a layer on top of solutions such as passwords with additional security yet user convenient solutions such as behavioral biometrics. By adding innovative security layers, banks and e-commerce firms can reduce risks. Finding the right balance between sophisticated security and ease of use for the customer would be key to the growing trend of consumers banking and shopping online.