Keyboard-sharing and credentials-sharing are serious issues in many business contexts. Once login has happened, until now organizations have had no reliable way to detect if the operator of a PC has changed. The only cross-app hardware that is universally in-place, and found to be reliably useful, is the keyboard. TickStream.CV is a product that compares two blobs of randomly typed text and evaluates whether or not the same person typed them.

TickStream.CV is continuous validation of a user’s authenticated identity. The comparison algorithm provides a score which when compared against a threshold provides the administrator three zones for decision making:

  • Zone 1 – Most likely they are the same person
  • Zone 2 – Most likely they are not the same person
  • Zone 3 – Not enough information to provide a reliable answer

Normal typing produces a string of characters ("content"). What the act of typing also does, unknown and unobtrusive to users, is to make available a large number of metrics about HOW and WHEN such typing occurred. The descriptive metrics which TickStream.CV analyzes contain no content, only patterns and timing data.

How it Works

There are 4 pieces of information that are collected each time you press a key on your keyboard. They are the character itself, and three pieces of timing data: the time when you first touch the key, the time when the key hits the bottom of the press and the time when the key returns to its original position. This data is collected as each user types.

The TickStream.CV algorithm converts chunks of this data into a special proprietary metadata based cadence and habit library. The process does not take or keep the character (content) part of the data, it only analyzes it for metrics. Reference libraries are initially created from large blobs of random typing data specifically associated with known users. Once these reference library are created smaller typing samples can be compared to the reference library to determine who did the typing.

Finally, while TickStream.CV is primarily a forensic tool, meaning that it only looks at events from the past, it is easily possible for TickStream.CV's evaluating actions to occur on a near real-time basis (e.g., was the paragraph ‘just typed’ done by the author of the Cadence & Habit Library of a known person?). Unlike a security camera which records continuously but needs a person to form a judgment about the activity in the recording, TickStream.CV can do both.