Monday, June 30, 2014

Your password can now be the way you type

Individuals subconsciously use their mouse and keyboard in predictable ways and these behaviors can reliably identify them, experts believe.

Examples of these actions include how quickly a user selects buttons that pop up on screen, how long they hover over menus, how fast they move the mouse and whether they scroll using the cursor keys, the scroll bar or the mouse wheel.

"We don't need to find behaviors unique to each person on the planet," said Neil Costigan, CEO of Behaviorism in Lulea, Sweden.

"We just need enough of a spread of behaviors to verify that someone is who they say they are. We look at the behaviour to see if it matches that person's previous behavior," Costigan was quoted as saying.
  
Companies are already beginning to implement this technology. In US, IBM is starting to deploy the technique in online security software it sells to banks.

IBM's system monitors behavior only after a person has logged in using their password. This can prevent a fraudster making transactions, pretending to be an authenticated user who has, for example, gone to make coffee without logging out.

When behaviors are detected that are out of character, the software will ask them to log in again with some extra security questions. A software by Bio catch, a firm based in Tel Aviv, Israel, presents people with what it calls subconscious ‘challenges’ that garner distinctive responses.

For instance, the software makes the cursor disappear for a few seconds and the type of mouse motion people use to recover it; clockwise, anticlockwise, large arc, small arc is recorded.
  
Uri Rivner of Bio catch said that by building a model of how individuals respond to these challenges, and then monitoring actions while banking or shopping online, the software can tell within a few keystrokes if the user is the same person who originally logged in.

0 comments:

Post a Comment