Documente Academic
Documente Profesional
Documente Cultură
Alternative authentication solutions such as hardware tokens, one-time passwords, public key infrastructures or fingerprint readers are very expensive, involve a great deal organizational complexity and are cumbersome for endusers to use. The use of these solutions leads to a massive reduction in the conversion.
Traditional keyboard biometrics
Methods developed in the field of keyboard biometrics are able to
identify a person by the way he or she types on a computer keyboard. No additional hardware needs to be purchased or used,
thus making it possible to integrate this security technology very
easily and inexpensively. Keyboard biometrics has already been
used successfully in practical applications for several years. However, these sorts of traditional typing biometrics have one major
drawback, which is why they can only penetrate a small market.
They use predefined text templates that have to be typed by all
users over and over again. Each user must always type the same
text in order to be identified. This disrupts smooth and speedy interaction with the customer.
Solution: KeyTrac background text recognition
The KeyTrac system identifies persons by the way they type on a computer keyboard, with impressive recognition
ability. Unlike traditional methods, KeyTrac works with any text the user enters, thus making it the first method able
to analyze any text input in the background, without disrupting the work flow of the end user.
The solution can be integrated into any existing input forms, for example,
It is also possible to evaluate keyboard input when working with standard applications (e.g. e-mail programs, Office
solutions). The concealed background recording, combined with the high level of security, offer a number of attractive options for implementing the system in e-commerce applications something that would not be possible using
traditional keyboard biometrics.
Use case: fraud prevention
Payment providers and online retailers operate complex risk management systems that help to recognize stolen payment data or identify
fraudsters who create user accounts using fake names. The KeyTrac system is able to identify these fraudsters based on the way they type, if
they create a new fake account or use stolen login data or payment details.
Use case: duplicate registrations recognition
Users often forget their login details for online portals, which is why they often simply create a new account with
different user details. The provider incorrectly assumes a new account has been registered, thus resulting in unnecessary costs (e.g. for credit and address verification). In addition, the customer's usage habits can therefore no longer be tracked. KeyTrac makes it possible to detect duplicate registrations and to consolidate multiple accounts.
Use case: intrusion detection
KeyTrac can permanently monitor a computer in a way similar to virus scanners,
thus making it possible to determine whether the user who is logged into the system is actually working on the computer, or whether a different person is typing
on the computer. If a stranger is detected, the computer can be automatically
locked (user is prompted to authenticate again), or the event can be logged or an
alarm triggered.
The user types in a desired text into a form or other application. The keystrokes are recorded in the background on
the client side (see recording keystroke data). This data is transmitted to the KeyTrac Core Engine (server side). There
the calculation of KeyTrac profile is performed on the basis of several attributes that are extracted from the keystrokes that are recorded. The KeyTrac Core Engine produces the user's typing profile as a result, which is saved in a
database or a filesystem with a reference to the owner of the typing profile.
During the identification process an unknown user types any piece of text into a form or other application. Again, the
keystrokes are first recorded in the background on the client side (see recording of the keystroke data) and then
transferred to the KeyTrac Core Engine (server side). Next, the KeyTrac profiles are loaded from the database, and
the KeyTrac Core Engine compares them with the recorded keystroke data. Depending on the application, all KeyTrac
profiles (duplicate registrations recognition), only certain profiles (fraud prevention) or only a single profile (intrusion
detection) are checked. KeyTrac is able to perform approximately 1,000 profile comparisons per second on a conventional server system. In load balancing environments, this capacity can be greatly increased. The KeyTrac Core Engine
determines a probability (biometric score) for the match with each individual profile. When the value exceeds a certain threshold defined for the specific application, the user has been identified successfully. Defining an appropriate
threshold value makes it possible to scale the level of security as desired.
The KeyTrac recording module is integrated into an existing form or into a standalone application. From this time on,
the keystrokes that users make while typing are recorded in the background. This involves the recording of each individual key with the time it is pressed and the time it is released. This is how the biometric keystroke data originates.
The recording works with millisecond accuracy1 on all common operating systems. Password hardening involves using an adapted version of the keystroke data recording, which prevents the password from being reconstructed from
the keystroke data.
Available recording modules:
International use
The text that is typed in and characters of the specific keys are irrelevant for KeyTrac. Instead, the system uses what
are known as keycodes which are used to uniquely identify the keys on the keyboard. This allows KeyTrac to be used
easily with any international keyboard layouts. The following illustration shows how keycodes are assigned to the
individual keys.
5
The time resolution between two keystrokes is generally 15.625 ms.
Contact
TM3 Software GmbH
Dr. Thomas Wlfl
Bruderwhrdstr. 15b
93055 Regensburg, Germany
E-Mail: info@keytrac.de
Phone: +49 941 - 604 889 -741
6