Browse Definitions :
Definition

keystroke ID (keystroke identification)

Contributor(s): Ivy Wigmore

Keystroke ID (keystroke identification) is a biometric authentication method based on the unique typing dynamics of individuals.

Keystroke dynamics are the patterns of rhythm and timing created when a person types. Elements include:

  • Overall speed.
  • Dwell time (the length of time a key is pressed).  
  • Flight time (the length of time between the depression of one key and the next one).
  • Variations in flight time among particular key combinations.
  • Common errors.

Data captured during authentication is compared to a stored sample for the user. Some systems also monitor the dynamics throughout a session or sample it periodically to ensure that the same user is still involved and the session has not been hijacked. 

The patterns of people's keystroke dynamics are known as their typeprints; they are as distinctive as the patterns of ridges and branches on their fingertips that yield fingerprints and the vocal characteristics that yield voiceprints.

Benefits of keystroke ID:

  • Because it's software-based, deployment is simple and inexpensive.
  • User keystroke dynamics can't be lost, stolen or forgotten.
  • The dynamics cannot be copied or faked. 
  • Both false positives and false negatives tend to be low.

Keystroke identification goes back to the days of the telegraph, when  operators were known by their distinctive patterns (known as the telegraph operator's "fist"). During the second World War, a methodology known as the "fist of the sender" helped to identify the source of Morse code to confirm that a particular message was, in fact, from the legitimate sender.

Keystroke ID is sometimes used as one method of multifactor authentication (MFA).

This was last updated in February 2015

Continue Reading About keystroke ID (keystroke identification)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • Web application firewall (WAF)

    A web application firewall (WAF) is a firewall that monitors, filters and blocks data packets as they travel to and from a ...

  • spyware

    Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.

  • application whitelisting

    Application whitelisting is the practice of specifying an index of approved software applications or executable files that are ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

  • DRAM (dynamic random access memory)

    Dynamic random access memory (DRAM) is a type of semiconductor memory that is typically used for the data or program code needed ...

  • RAID 10 (RAID 1+0)

    RAID 10, also known as RAID 1+0, is a RAID configuration that combines disk mirroring and disk striping to protect data.

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

Close