Introduction to Biometrics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #14 Behavioral Biometrics October 10, 2005

Outline l Definition and Example l Signature Scan l Keystroke Dynamics

References l Course Text Book, Chapter 9 l l ml ml

Definition l While Physiological biometrics is based on a person’s physical properties, Behavioral biometrics is based on a person’s behavior l Examples include: - Voice Scan, Signature Scan, Keystroke Dynamics, Manner of walking, running, etc. - Difficult to distinguish between physiological and behavioral biometrics

Signature Scan: Introduction l Signature verification is the process used to recognize an individual’s hand-written signature. l Dynamic signature verification technology uses the behavioral biometrics of a hand written signature to confirm the identity of a computer user. l This is done by analyzing the shape, speed, stroke, pen pressure and timing information during the act of signing. l As a replacement for a password or a PIN number, dynamic signature verification is a biometric technology that is used to positively identify a person from their handwritten signature.

Signature Scan: Introduction (Continued) l There is an important distinction between simple signature comparisons and dynamic signature verification. l Both can be computerized, but a simple comparison only takes into account what the signature looks like. l Dynamic signature verification takes into account how the signature was made. l With dynamic signature verification it is not the shape or look of the signature that is meaningful, it is the changes in speed, pressure and timing that occur during the act of signing. l Only the original signer can recreate the changes in timing and X, Y, and Z (pressure).

Signature Scan: Introduction (Concluded) l A pasted bitmap, a copy machine or an expert forger may be able to duplicate what a signature looks like, but it is virtually impossible to duplicate the timing changes in X, Y and Z (pressure). l There will always be slight variations in a person’s handwritten signature, but the consistency created by natural motion and practice over time creates a recognizable pattern that makes the handwritten signature natural for biometric identification. l The primary advantage that signature verification systems have over other types of biometric technologies is that signatures are already accepted as the common method of identity verification. l This history of trust means that people are willing to accept a signature based verification system.

Signature Scan (Process) l The signature, along with the variables present during the signing process, is transmitted to a local PC for template generation. l Verification can take place against a local PC or a central PC, depending on the application. l In employee-facing signature-scan applications such as purchase order authentication, local processing may be preferred; there may be just a single PC used for such authorization. l For customer-facing applications, such as retail or banking authentication, centralized authentication is likely necessary because the user may sign at one of many locations.

Signature Scan: Process (Concluded) l The results of signature-scan comparisons must be tied into existing authentication schemes or used as the basis of new authentication procedures. l For example, in a transactional authentication scenario, the “authorize transaction” message might be sent after a signature is acquired by a central PC. l When signature-scan is integrated into this process, an additional routine requires that the signature characteristics be successfully matched against those on file in order for the “authorize transaction” message to go forward. l In other applications, the results of a signature-scan match may simply be noted and appended to a transaction. l For example, in document authentication, an unsuccessful comparison may be flagged for future resolution while not halting a transaction.

Signature Scan: Strengths l Because of the large amount of data present in a signature- scan template, as well as the difficulty in mimicking the behavior of signing, signature scan-technology is highly resistant to imposter attempts. l Signature-scan also benefits from its ability to leverage existing processes and hardware, such as signature capture tablets and systems based on public key infrastructure (PKI) l Since most people are accustomed to providing their signatures during customer interactions, the technology is considered less invasive than some other biometrics.

Signature Scan: Weakness l Signature-scan is designed to verify subjects based on the traits of their unique signature. l As a result, individuals who do not sign their names in a consistent manner may have difficulty enrolling and verifying in signature-scan. l During enrollment subjects must provide a series of signatures that are similar enough that the system can locate a large percentages of the common characteristics between the enrollment signatures. l During verification enough characteristics must remain constant to determine with confidence that the authorized person signed. l As a result, individuals with muscular illnesses and people who sometimes sign with only their initials might result in a higher False Rejection Rate

Signature Scan: Applications l Signature-scan is implemented in situations where signature or written input processes are already in place. l These applications include contract execution, formal agreements, acknowledgement of services received, access to controlled documents, etc. l As the act of signing documents becomes more integrated with electronic capture processes - signing on acquisition tablets - the opportunity for biometric authentication will increase dramatically. l Note that signature-scan is not the same as digital signatures, an encryption technology.

Signature Scan: Market l Though it is one of the least frequently deployed technology in the biometric market today, signature-scan usage will increase, as a complement to static signature capture, l Though a handful of vendors sell signature-scan, these firms will need to show the success of the technology in more high- profile settings. l As applications for contract execution, formal agreements and access to controlled documents are demonstrated, signature-scan revenues are projected to grow from $3.0m in 2000 to $101.1m in l Signature-scan revenues are expected to comprise approximately 5% of the entire biometric market.

Keystroke Dynamics: Introduction l Keystroke dynamics, also referred to as typing rhythms, is considered one of the most unusual and innovative biometric technologies. l It is considered a fairly new biometric technology and is still under development l Studies have been conducted by the National Science Foundation as well as the National Institute of Standards and Technology with regards to a person's typing pattern. l Both the National Science Foundation and the National Institute of Standards and Technology have found typing patterns to contain unique characteristics that can be identified

Keystroke Dynamics: Process l Keystroke dynamics looks at the way a person types at a keyboard. l Specifically, keyboard dynamics measures two distinct variables: "dwell time" which is the amount of time you hold down a particular key and "flight time" which is the amount of time it takes a person to between keys. l Keyboard dynamics systems can measure one's keyboard input up to 1000 times per second. l Keystroke dynamics requires, as with most biometric technologies, a "reference template". This involves several sessions of a person using a keystroke dynamic system so that the system can construct or build the "reference template" by detecting one's typing rhythms.

Keystroke Dynamics: Strength l Keystroke dynamics is behavioral in nature. It works well with users that can "touch type". l Key advantages in applying keyboard dynamics is that the device used in this system, the keyboard, is unintrusive and does not detract from one's work. l Enrollment as well as identification go undetected by the user. Another inherent benefit to using keystroke dynamics as an identification device is that the hardware (i.e. keyboard) is inexpensive. l Currently, keystroke dynamics systems can be represented by plug-in boards, built-in hardware and firmware, or software. l Keystroke dynamics dynamics technology is an ideal solution for computing industry since the employee is already using the keyboard on a consistent basis.

Keystroke Dynamics: Weakness l Currently, keystroke dynamics has technical issues that must be addressed before it becomes widespread. l One technical issue is the standardization among computer keyboards and the lack thereof. l Standards among keyboards must be resolved as well as communication protocol structures before keystroke dynamics can successfully enter the marketplace. l To date, there have been a half dozen efforts to bring keystroke dynamics to commercial markets; and most have failed