Systems and Methods for Identity Authentication using the Keystroke Dynamics of a Single Interaction Session

Case ID:
UA20-224
Invention:

This technology is a method of detecting an online impostor using keystroke dynamics without requiring prior collection of behavioral data from the true user.

Background:
Keystroke dynamics is an area of behavioral biometrics that attempts to identify or authenticate a user by collecting data about how a user types, such as the length of time between key presses and the duration a key is depressed. This information can then be used to detect changes in typing behavior, which may suggest the person typing is an impostor or bot. This technique has seen widespread adoption in recent years and adds a layer of security that can augment traditional knowledge-based authentication such as providing a username and password.

One limitation of keyboard dynamics for authentication is that it usually requires establishing a baseline by training the detection mechanism with normal typing activity by the authentic user. As a result, keyboard dynamics is generally ineffective if the user is new or no prior data has been collected on the user’s behavior. This invention is innovative in that it requires no prior user interaction and therefore can be used for new accounts or in applications where behavioral data is not collected across multiple interaction sessions.

Applications:

  • Online fraud prevention
    • eCommerce
    • Banking
    • Insurance
  • Enterprise identity and access management

Advantages:

  • Requires no training period to establish a baseline
  • Can work in concert with existing behavioral biometric techniques
Patent Information:
Contact For More Information:
Lewis Humphreys
Licensing Manager, Eller College of Mngmt & OTT
The University of Arizona
lewish@tla.arizona.edu
Lead Inventor(s):
Joseph Valacich
Jeffrey Jenkins
Keywords: