Home > SuperTips > Identity Theft > What are Keystroke Biometrics?
SuperTips Categories

Share This:

What are Keystroke Biometrics?

Identity Theft

Keystroke biometrics are processes that involve the analysis of an individual's typing speed and rhythm. Software can analyze an individual's unique typing "personality" and compare it to previously set benchmarks in order to authenticate the identity of a computer user. Learn more about keystroke biometrics and how they are being used today.

The Science Behind Keystroke Biometrics

For keystroke dynamics to be effective, a computer software program must be able to compare a current user to a pre-analyzed typing identity. To accomplish this, the software incorporates a procedure known as keystroke logging. Keystroke logging measures such items as typing speed, dwell time (how long each key is held down) and flight time (interval between "key up" of one key and "key down" of the next key). Through this analysis, an individual's typing mannerisms can be identified with an accuracy of 99 percent.

Keystroke Biometrics and Identity

Keystroke analysis is considered a behavioral biometric. Behavioral biometrics involve the statistical analysis of human behaviors (such as mannerisms and handwriting). In comparison, physical biometrics achieve authentication by reviewing physical characteristics of an individual. Examples of physical biometrics include fingerprint analysis, retina scans, facial scans and palm analysis. Though behavioral biometrics are not considered quite as fraud-proof as behavioral biometrics, they can still be incredibly worthwhile. Additionally, rigidity of pass/fail parameters for keystroke biometrics can be altered based on the level of security required (such is not the case for physical biometrics).

Current Applications of Keystroke Biometrics

Keystroke biometrics are most commonly used as a complementary security measure for password authentication. In addition to validating access to a network or website via password, keystroking also reviews the dynamics of how the password is input. Doing so serves as an additional measure for sensitive online access points. More sophisticated software programs also log keystrokes once a password has been authenticated. In this way, more long-term keystroke analysis can alert individuals to a potential security breach even once an individual has logged in.

There are currently a number of competing keystroke biometrics software programs available from which to choose. Each utilize a unique algorithm for authenticating users.

Find local Information Security Resources