Authentication Solutions Through Keystroke Biometrics
Current Threat: BioPassword, Inc. leads the market in delivering enterprise security solutions for software-only strong authentication. BioPassword protects company and individual assets with a simple, yet powerful combination of the user’s standard login credentials (userID and password), keystroke biometrics (their unique typing rhythm), and knowledge-based authentication (user selected questions and answers). BioPassword's strong authentication software is fast, accurate, transparent, scalable to millions of users and immediately deployable across the organization and the Internet without the need for expensive tokens, cards or other specialized hardware.
Tomorrow's Technology Today: BioPassword is the leader in delivering enterprise security software solutions for multi-factor authentication using the biometric science of keystroke biometrics. BioPassword protects corporate and individual assets with a simple, yet powerful combination of the user’s standard login credentials (userID and password) with the behavioral biometric of keystroke biometrics (the user’s unique typing rhythm).
A behavioral biometric is a measurable behavior trait that is acquired over time (versus a physiological characteristic or physical trait) and is used to recognize or verify a person’s identity. Keystroke biometrics is one of several innovative technologies used to automate the process of authenticating or verifying an individual based upon a unique, personal behavior – their typing patterns. Examples of other behavioral based biometrics include handwriting and speech recognition. The behavioral biometric of keystroke biometrics uses the manner and rhythm in which an individual types characters on a keyboard or keypad.
Keystroke biometrics measures the series of key down and key up event timings while the user types a string. For example, if a user’s password is ‘password,’ then key down and key up events are captured for each character. These raw measurements can be recorded from almost any keyboard to determine Dwell time (the time between key down and key up) and Flight time (the time from key down to the next key down to the time between one key up and the next key up) as represented in the figure below. Once the keystroke timing data is captured, the recorded keystroke timing data is then processed through a unique neural algorithm, which determines a primary pattern for future comparison. As with any biometric technology applied to an authentication function, the technology is used for two major functions: enroll and verify user credentials.
As part of the authentication process, the user types an authentication attempt and this sample is compared against the biometric template created during the enrollment process. Based on keystroke timings (and their fit to the stored template) a ‘biometric score’ is returned as the result of the comparison process. The score may then be used for making monitoring and/or access control decisions. By adding the ability to score a pattern against a template, BioPassword gives the customer the ability to associate business rules (such as requiring a challenge question or monitoring a specific transaction) with each authentication attempt rather than requiring a simple access/no access decision.
Over time, this user created biometric template might need to evolve. For example, the user might become more familiar with typing their password and require the solution to adapt to the new pattern. Based on neural network technology, BioPassword incorporates adaptive learning to ensure the users’ biometric templates evolve with their changing typing patterns. BioPassword’s adaptive learning capability captures and refines the user biometric template each time the user successfully verifies their biometric credentials. Therefore, the longer a user has the template, the better it will become. By being readily available using any keyboard, uniquely identifying users through the biometric template and learning over time using the neural network properties, BioPassword has developed the industry leading authentication technology using the science of keystroke biometrics.
Keystroke biometrics and the BioPassword solution compare favorably with other biometric security solutions and are far more superior to other non-biometric implementations such as profiling technologies and complex passwords. Using keystroke biometrics in authentication software delivers a solution that is fast, accurate, and scalable to millions of users, requires no change in user behavior and is immediately deployable across the organization and the Internet without the need for expensive tokens, cards or other specialized hardware. A users “rhythm” cannot be shared, lost or forgotten. Furthermore, a password with a biometric template can easily be reset. If a fingerprint/handprint template is stolen, it is stolen for life. By using BioPassword to monitor and authenticate users, organizations can quickly and cost effectively implement secure access, comply with regulatory requirements, and substantially reduce the risks of fraud.
Currently, BioPassword has matured the technology and delivered the world’s leading keystroke biometrics solution for authenticating users over the Internet (BioPassword Internet Edition 2.1) and as part of an enterprise network/application security framework (BioPassword Enterprise Edition 3.0). BioPassword products are used in banking, eCommerce, healthcare, government, education and technology. Since 2002, BioPassword has filed numerous additional patents to solidify and extend its technology advantage in keystroke biometrics. Furthermore, BioPassword is driving standards for keystroke biometrics as an authentication technology in the INCITS/M1 standards committee.
Conclusion: As many companies have found, security, usability and cost are critical components of any security technology implementation. Unlike other biometric security technologies, keystroke biometrics is the only security technology that offers the opportunity to tailor security and usability to offer a “best fit” solution for each application environment.
1605 NW Sammamish Road, Suite 105
Issaquah, WA 98027
Download the document
From Info Security Products Guide site: CLICK HERE