How KeyTrac records your typing behavior
Recording your keystroke dynamics while you’re typing into a textbox is an essential part of the KeyTrac keyboard biometrics process.
What data gets recorded?
KeyTrac only records the relative dwell and flight time and the keycode of each key while you’re typing in a textbox. To keep passwords secure, we use a special, obfuscated format, which keeps all of your passwords safe.
Do you record all user inputs?
No! The KeyTrac Recorder is explicitly bound to specific input fields and is technically not able to record entries which where made “outside” of these configured textboxes. Other inputs, wherever they may occur, are entirely ignored.
What about the performance?
Users don’t even recognize that the KeyTrac Recorder is working in the background. We’ve done a lot of performance tests, optimizations and enhancements in order to not damage the user experience of your website.
One technology, two operation modes
To enhance the identification performance and to meet your security requirements, KeyTrac offers two specialized modes.
Password Hardening
Add more security to Passwords
The “password hardening” operation mode is intended to be used for enhancing the security of password based authentication. By using this feature, you add an additional, biometrics-based security layer to your application.
AnyText Identification
Identification with any text phrases
The “any text” operation mode is perfectly suited for identifiying users based on the keystroke dynamics while typing changing, dynamic text phrases. This type of recognition is the special feature of AnyText.
The KeyTrac workflow in short
Using KeyTrac and its API follows an easy to grasp [Record → Send → Receive] method which is illustrated below. Let's start now!
Page with Recorder is loaded
The website with the embedded and configured KeyTrac JavaScript Recorder is loaded and is ready for recording.
User is typing into KeyTrac textboxes
KeyTrac Recorder is bound to one or more textboxes and is waiting for user inputs to record keystroke dynamics.
Data is received from your Backend
After submitting the form, all recorded keystroke dynamics gets passed to your backend as form encoded values.
You send the KeyTrac data to our API
Now it’s time to pass the recorded keystroke dynamics and user ID to the KeyTrac API.
KeyTrac algorithm does the work
This is the time where the KeyTrac algorithm matches the submitted keystroke dynamics against the users’ profile.
Match-score is passed back to you
The computed match-score is now passed back to your backend where you’re able to utilize these results.
Identify Users based on their typing behavior
In addition to the innovative and reliable authentication of users KeyTrac offers now also the possibility to identify users only based on their typing behavior.
Identify and assign unknown users
Account sharing – the hand over of access data – is a sensitive challenge especially in online banking and other applications with a financial background. With KeyTrac user identification you are now able to identify what user has executed a transaction and whether it was the originally registered user.
Identify multiple registrations & resolve duplicates
Duplicates and multiple registrations not only cause a high administrative effort, they often cause a financial loss as well. KeyTrac can help you reliably with the identification of users to consolidate accounts and prevent multiple registration attempts already at the registration process.
Identify and investigate fraud with online exams
With the KeyTrac user identification institutions and e-learning providers now have another and innovative tool on their side to protect online exams against fraud. If a third party is suspected to be responsible for solving a test, you are now able to detect the student who has actually filed out the exam.
Ready in just four simple steps
Integrating KeyTrac into your website respectively your web service might be feasible for any developer. The integration only needs a manageable number of changes in your HTML frontend code and your backend code.
Changes on your HTML Frontend
Integrate the KeyTrac Recorder
In order to record your users' keyboard biometrics, it’s necessary to integrate KeyTrac Recorder's JavaScript into your website's HTML code. After a simple configuration, the recorder is ready to use.
Changes on your backend codebase
Introduce KeyTrac to your code
Before getting started, you need to extend your codebase to be able to transfer and receive data from the KeyTrac API. You need to, at least, incorporate an enrollment and an authentication section for using KeyTrac.
Required for enrollment or authentication
Send recorded data to the API
After implementing the required changes in your code, you’re now able to send the recorded keystroke dynamics to the KeyTrac API. This is required for enrollment and authentication of a user.
Take actions in your backend code
Utilize the API response
Now, your’re almost done. In the authentication case, the API responds with a true/false value and a percentage match-score. Use this boolean value to decide whether to permit or to reject this authentication request.