top | item 30258147

(no title)

raresp | 4 years ago

Interesting news. But I see a lot of negative comments regarding the biometrics.

Here's my two cents.

I'm the founder of a biometric users identity check solution, called Typing AI Biometrics ( https://typing.ai ). We identify users by the way they type. Typing biometrics can be used as a two factor (2FA) or multi factor (MFA) authentication method.

Instead of combining the usual username + password with an OTP code that you recive on your smartphone or email, you can combine the basic username + password with a typing pattern check, it's much more secure and efficient. The typing signature translated into a 300+ encrypted characters hash, which is (up until now) impossible to break.

You can even remove the username + password and combine the typing biometrics check (known as keystroke dynamics) with an OTP verification. Biometrics are the future of authentication and authorization, because they are unique to each person, but only with the promise of not keeping and sharing the users data.

You can AMA on this Show HN thread: https://news.ycombinator.com/item?id=30130447

discuss

gigaflop|4 years ago

So then, I need to type the same password the same way every time?

If I set up an account while I'm still waking up, and then try to use it after lunch and coffee, wouldn't I get locked out due to inputting faster than expected?

Or what if I'm on the phone with someone, and trying to type with one hand? That would probably lock me out, right?

raresp|4 years ago

Our algorithm learns from previous detections. You will be able to enter different texts. Like writing your email or anything you want.

In the case of having an accident, you will be able to login into Typing AI and update your signature.

"Or what if I'm on the phone with someone, and trying to type with one hand? That would probably lock me out, right? " - good question. Your "one-hand" typing is totally different than writing with two hands but we also got this covered. The authenticity detection rate won't be over 90%, but it will still be over 80%.

jfk13|4 years ago

How about when I break my wrist and it's in plaster for a couple of weeks? Seems unlikely that I'll maintain my characteristic typing pattern well enough to be recognised...

LanternLight83|4 years ago

Or switching to an ergo keyboard, trying a new typing layout, or just joining your first touch typing course?

chayesfss|4 years ago

typing biometric software has been around for a long time (biorhythm) and from what I remember from years ago had issues with users typing in from different devices all the time, laptop to ext keyboard, iphone to ipad with keyboard, kiosk, etc... I don't think it would be more secure or as you put it "much more secure" than say, user/pass and a push notification as the push notification is out of band. These used to be called 1.5 factor as it wasn't quite 2 factor.

raresp|4 years ago

I understand your opinion, and yes, it's hard to be able to identify the owner of an accountby checking smartphones, tablets and desktop keyboards. The recommendation is to create separate signatures for all of these devices, in this way the typing signature will be more stronger and the keystrokes verification will be more accurate.

We are adding new cases to our algorithm almost weekly, the typing detection keeps getting better.