Hackers might crack or steal your password, but can they type like you?
Japan’s NTT Communications has developed a computer security system that analyzes the way a computer user types, and then checks it against a profile of authorized users to detect if the person at the keyboard is an imposter.
The system, called Key Touch Pass, records the speed at which a user is typing, the length of time they typically hold down each key and the errors they normally make.
Every few hundred characters it checks this against a profile of the user that is supposedly logged in to the computer. If the two differ by more than a predetermined threshold, the system concludes the computer’s user isn’t who it should be.
NTT Communications anticipates the system could have uses beyond security and has already conducted trials with e-learning networks. Distance learning systems rely on the honesty of users, especially when taking online tests.
The company is also eyeing potential use in the online banking field.
During a demonstration of the system, which works in both Japanese and English, it was able to detect an imposter after several lines of text had been typed.
The threshold in the system was set around 50 percent, which the company suggested was suitable for detection in e-learning applications. Other systems, such as online banking, could be set at a more rigorous level.
A user’s typing speed and style naturally changes depending on their physical condition, so some degree of leniency is desirable in the system. For example, an alert user at the start of the day might type differently from when they are tired at the end of the day.