Passwords are long broken. Biometrics, from fingerprints to iris scans, are often trumpeted as the only real viable alternative, a natural physical component of the user that can’t be easily spoofed (at least that’s the idea).
Romania’s TypingDNA thinks that behavioural biometrics is the way to go.
“The way people type on their keyboards is unique. It’s like your fingerprint, it’s something unique, it’s behavioural biometrics based on how you type. It’s who you are,” said Cristian Tamas, co-founder and marketing manager.
“Behavioural biometrics is something that you are, something natural. The typing is a special behaviour that you have so we use that to authenticate people,” he explained. “But we also do research in user profiling. We think we can correlate your age, for example you will type somewhere and the way you type we can predict this was your age, if you’re male or female, stuff like that.
“We use an artificial intelligence algorithm to look at the time it takes you to reach one key to another.” These AI algorithms match multiple typing patterns.
The nuts and bolts of TypingDNA were built by CEO Raul Popa who took on Tamas as his co-founder and marketing manager. Popa, a software engineer, had previously been head of product at Bannersnack for several years.
Months after founding, the nascent startup secured a spot on Deutsche Telekom’s hub:raum accelerator in Krakow. TypingDNA was pitching at this month’s How To Web conference in Bucharest during its Startup Spotlight content. The team may have been unsuccessful in winning any of the cash prizes but it has had reason to celebrate, after recently securing its first round of funding.
In October, local fund Gecad Ventures, which has also invested in Vector Watch, led a seed round in TypingDNA with participation from a number of angel investors. The startup is also looking into joining FIDO Alliance, an industry consortium that validates authentication solutions.
Tamas declined to disclose how much funding the company has raised, but said it will further development of the technology and building a business model. “For now we charge per API request,” said Tamas but TypingDNA has two main use cases, which mainly targets potential business and enterprise customers.
It’s a wide field of potential customers but TypingDNA envisions clients like banks and universities. As well as logging into online banking with two-factor authentication, like getting a text, it will ID you via your typing.
“[Another use] is a university that wants to verify their students. There are MOOCs that want to verify that the student didn’t cheat,” said Tamas. “They can verify their students before they take an exam.”
The other is a continuous authentication model on devices that constantly monitors who is using the device and combats against any unusual or unrecognised typing activity on the keyboard.
Tamas is keen to point out that the algorithm doesn’t log what you type or collect your keystrokes, which is potentially very sensitive information.
Behavioural biometrics isn’t a new idea but it’s gathered some pace as security and privacy minded companies try to find the best alternative to passwords.
TypingDNA has some likely competitors in BehavioSec, from Sweden, which is working on its own solution for smartphones that involves not just typing but the force a user places on a touchscreen and how fast they browse along a webpage. It’s been dubbed “continuous authentication with behavioural biometrics”. Other competitors include Germany’s KeyTrac and Boston (by way of Isreal) company BioCatch, which recently secured UK bank NatWest as a client, proving that maybe the banking sector is ripe for behavioural biometrics.
Featured image credit: Unsplash/Pixabay