Researchers have built a continuous authentication platform that can accurately identify users based on their typing patterns.
A series of 90 minute typing tests carried out on 2000 people at Iowa State University found users could be identified with a half percent margin of error based on the way they hit keys.
The work has been spun into an application that could continuously authenticate users and lock accounts if another person jumped on the computer resulting in irregularities being detected. (pdf)
Uniquely syncopated mouse and keyboard patterns made it possible to identify users, Iowa State University associate professor Morris Chang said.
“These pauses between words, searches for unusual characters and spellings of unfamiliar words, all have to do with our past experiences, our learning experiences,” Chang said. “And so we call them cognitive fingerprints which manifest themselves in typing rhythms.”
“The system can see if the same person or an imposter is coming in to hijack the computer."
The year-long research run together with electrical engineering students Terry Fang, Kuan-Hsing Ho and Danny Shih received a half a million dollar grant from the US Defense Advanced Research Projects Agency which sought to discover if continuous authentication was possible.
It was now being extended to capture mouse movements and touch inputs from mobile devices with an additional $1.76 million dollars from the agency over two years.