Among multi-factor authentication mechanisms, two-factor authentication (2FA) has become kind of an industry standard. 2FA generally uses a combination of two factors from the following:
1. Something users know (a password or a PIN)
2. Something they have (a card or a soft token)
3. Something users are (their voice, handwriting, or any biometrics data)
Most banks use 2FA mechanisms in the form of an ATM card, which usually entails the use of factor 1 (PIN) and factor 2 (ATM card). Another example is Celestix MFA that uses locally controlled 2FA through One Time Passwords (OTPs). These OTPs can come on top of login credentials.
Recently, there is an increasing interest in using the third factor, especially as more cybercriminals are able to gather card information and passwords with ease. Large-scale hacking and data leakages have compelled companies to look for stronger cybersecurity measures. As a direct result, this ushered in significant growth in the field. Maryville University claims that cybersecurity is booming as an industry, and more professionals in this sector are needed as organizations become more concerned with protecting their data. Cybersecurity specialists have the knowledge and skill set to handle complicated frameworks like biometrics systems.
One particular subtype of biometrics that is gaining attention is behavioral biometrics, which is the measurement of human behavioral patterns. It is often used by creating a template or portrait of an individual’s behavioral patterns or habits. These patterns then serve as the authenticating factor. Such habits include keystroke dynamics.
Put simply, keystroke dynamics pertain to the manner and rhythm with which a person uses a keyboard. The International Journal of Computer Applications indicated ‘dwell time’ and ‘flight time’ as the two chief keystroke factors. The first means how much time is used to press a key, and the second is the time between the release of one key and pressing of the next. Other quirks and typing patterns are also recorded until sufficient data has been gathered to create a complete biometric template.
One obvious benefit of using keystroke dynamics in 2FA is that it is much more reliable than passwords and PINs. They cannot be easily exploited, especially in a real-time setting. Forbes explained that it allows continuous authentication throughout the user’s overall online usage. This is much better than a single authentication port at login, which can be easily bypassed; or a series of multiple logins that may slow down the process.
Celestix’s Multi-Factor Authentication platform, which is powered by DigitalPersona supports Behavioral Biometrics for Single Sign-on authentication. Moreover, clients are free to mix and match up to three factors including the MFA behavioral biometric factor as needed.
As behavioral biometrics like keystroke dynamics gain steam in cybersecurity, we will definitely see more sophisticated applications focusing on the concept in the near future. Its benefits are promising and the tech can even be improved through widespread integration and practice.
Feature Article for celestix.com
Written by: Louise Matthews