- Grid View
- List View
The Business Case for Keystroke Dynamics in Multi-Factor Authentication
Username and password pairs as authentication factors are as weak as they are ubiquitous. They can be phished, stolen, discovered, and cracked in a number of ways. Use of a single factor of authentication is so weak that the Federal Financial Institutions Examination Council (FFIEC) is requiring that all online banking services adopt multi-factor authentication by the end of 2006. In light of these needs, a biometric method known as keystroke dynamics (or, keyboard or typing dynamics) is emerging as an effective way to strengthen user authentication. This special report provides scenarios that illustrate the application of keystroke dynamics. We then present a probability model that can be used to analyze the security benefits of multi-factor authentication. Finally, we present an economic analysis of the financial benefits of keystroke dynamics. (8 pp., 5 figs.) [Executive Summary]
Web Services Moving Toward Federated Authentication (May 2002)
The major concern of online shoppers remains the security of e-commerce sites. While the number of consumers willing to provide credit card numbers or personal information online continues to rise, the lack of easily used security measures remains an impediment to more rapid growth in those numbers. Security requirements also extend to the necessity for nonrepudiation of transactions, so merchants can be assured that the online orders are valid and were made by the credit card owners.