On the Design of an Authentication System Based on Keystroke Dynamics Using a Predefined Input Text

Abstract

The design of an authentication system based on keystroke dynamics is made difficult by the fact that the typing behaviour of a person is subject to strong fluctuations. An asymmetrical method able to handle this difficulty by using a long text on enrolment and a short one at login is analysed in this article. The results of an empirical study based on an extensive field test are presented. The study demonstrates that the advantages of the analysed method remain even if a predefined input text is used. The results also show that the method’s quality highly depends on the amount of text typed on enrolment as well as on login, which makes the system scalable to different security levels. They also confirm the importance of using stable characteristics that are due, for example, to the user’s right- or left-handedness. The method’s learning velocity is shown to be high, which enables enrolment to be kept short. Moreover, the study demonstrates that admitting multiple login attempts significantly ameliorates the recognition performance without sacrificing security.