BioPassword's innovative keystoke technology solution offers another level of security

Published 22 August 2006

There are many biometric products out there, but this innovative technology is different; it requires no biological information and no hardware to install, rather it is all about how you behave

For several years there has been a continual search for better, and more reliable biometric detectors on the market. Issaquah, Washington-based BioPassword, though, may have come up with the most innovative. Their product is unlike many other biometric verifiers where as it doesn’t necessarily rely on biological traits, but rather on behaviors. The identity authentication solution uses keystroke rhythms as the way to identify users. The company has also differentiated itself from other biometric vendors by making this new solution available as software without the need to buy hardware, the most prohibitive aspect of using biometric technology, due to its cost of and installation requirements.

The idea of keystroke technology was derived from military applications. During the height of Morse code, the military had problems identifying who was actually sending messages. “Using a methodology called ‘the fist of the sender,’ military intelligence identified that an individual had a unique way of keying in a message’s dots and dashes, creating a rhythm that could help distinguish ally from enemy,” says Greg Wood, BioPassword’s chief technology officer. This same idea has been translated into computer security by BioPassword. The process began in the early 1980’s when the U.S. National Bureau of Standards funded research by the Stanford Research Institute (now SRI International) into this issue. SRI’s research found that keystroke identification methods were 98 percent accurate, leading to a patent issuance in 1989. In 2002 BioPassword purchased the patent with plans to further develop and commercialize it, which it did in 2004 with its first product for the workgroup market. This year its release, intended for the Internet and network security systems, works only with Windows applications, but plans are in place for its expansion to integrate into Unix/Linux environment.

Sally Hudson, an identity and access management analyst at IDC in Framingham, Massachusetts, says BioPassword fills “the growing need for multifactor, strong authentication in both enterprise and Internet environments.” This is true, because it is strictly software based. Even if a fraudster were to have a password to draw money out of another victim’s bank account at an ATM, their keystroke rhythms would not match, denying the unauthorized individual access to the funds.

-read more in this Computerworld report

Sample application of BioPassword interface

.