CLICKA: Collecting and leveraging identity cues with keystroke dynamics

The way in which IT systems are usually secured is through the use of username and password pairs. However, these credentials are all too easily lost, stolen or compromised. The use of behavioural biometrics can be used to supplement these credentials to provide a greater level of assurance in the identity of an authenticated user. However, user behaviours can also be used to ascertain other identifiable information about an individual. In this paper we build upon the notion of keystroke dynamics (the analysis of typing behaviours) to infer an anonymous user’s name and predict their native language. This work found that there is a discernible difference in the ranking of bigrams (based on their timing) contained within the name of a user and those that are not. As a result we propose that individuals will reliably type information they are familiar with in a discernibly different way. In our study we found that it should be possible to identify approximately a third of the bigrams forming an anonymous users name purely from how (not what) they type.