Are You, You? Seamlessly Fighting Identity Fraud with Keystroke Dynamics

Identity fraud—the deliberate use of synthetic or stolen identity details for gain—affects an increasing variety of digital platforms. With traditional methods of identity verification compromised because of high-profile data breaches, platforms are turning to sparse alternative data sources and overt verification technologies, often to the detriment of the user experience. Drawing from established deception and motor learning theories, we follow the design science method to design, build, and iteratively refine a novel approach to identity verification for new platform users using keystroke dynamics. The system (1) evaluates identity fraud risk for all first-time users, and (2) minimizes the impact on the new user experience by seamlessly analyzing keystrokes from a platform’s existing onboarding form. We evaluated and improved the design in four experiments, culminating in an identity fraud detection tool that effectively detects identity fraud for unknown users and supports seamless user experiences. The system and our lessons from the design and evaluation process have important implications for both research and practice.

History: Jason Thatcher, Senior Editor; Heng Xu, Associate Editor.