-
The Business Case for Keystroke Dynamics in Multi-Factor Authentication
Username and password pairs as authentication factors are as weak as they are ubiquitous. They can be phished, stolen, discovered, and cracked in a number of ways. Use of a single factor of authentication is so weak that the Federal Financial Institutions Examination Council (FFIEC) is requiring that all online banking services adopt multi-factor authentication by the end of 2006. In light of these needs, a biometric method known as keystroke dynamics (or, keyboard or typing dynamics) is emerging as an effective way to strengthen user authentication. This special report provides scenarios that illustrate the application of keystroke dynamics. We then present a probability model that can be used to analyze the security benefits of multi-factor authentication. Finally, we present an economic analysis of the financial benefits of keystroke dynamics. (8 pp., 5 figs.) [Executive Summary]
December, 2006
-
Biometric Technologies for Computer Security
Biometric technology has been applied to IT security for several years, adoption has been slow, and some applications are starting to become a reality, including fingerprint scanning, facial recognition, and voice verification. Nevertheless, the jury is still out as to how viable these technologies will be for widespread use in corporate IT environments.
February, 2002