Web User Authentication Using Chosen Word Keystroke Dynamics

Keystroke dynamics has been used as a form of one-time user authentication and continuous verification especially when it comes to securing the cyberspace. In this paper, we present the idea of using keystroke dynamics as a form of second layer authentication in web applications. We showed that this method can authenticate a user with high accuracy and can be used as an alternate to CAPTCHA tests, security questions and image selections that are being used today. We have developed a working web-based platform in a browser environment that enforces the proposed second-layer security. We performed penetration test experiments by launching a total of 598,500 impostor and genuine authentication attempts and found the Equal Error Rate (EER) as 10.5%.