Bringing biometric 2FA to the desktop
The continued rise of two-factor authentication (2FA) has been a product of the increase in digital customer engagement due to the pandemic. Many of the customers new to digital channels, however, use desktops and laptops as their devices of choice, making their user experiences of common 2FA methods much different – and worse – than those who prefer to use a smartphone.
Keystroke biometrics can provide a user experience on a desktop or laptop computer just as seamless as those of users on smartphones, TypingDNA Co-founder and CMO Cristian Tamas tells Biometric Update in an interview.
Loaded with sensors for biometric authentication, and even more often, receiving one-time passwords, mobile devices currently offer users a reasonably smooth user experience. For those on PCs and Macs, however, multi-factor authentication often involves switching devices. The latest research indicates that laptop and desktop computers are still the preferred channel for many consumers, with for instance over a third of online grocery-buyers using it to make purchases, according to PYMNTS.
The new way
TypingDNA Verify 2FA is a web-based authentication product based on the company’s leading biometric engine, with additional layers of intelligence. Previously, the company has found that many of those integrating typing biometrics have had difficulty realizing the technology’s full benefits.
Developed to enable easy and effective integration of TypingDNA’s behavioral biometrics with existing or new web-based services, the new solution offers those full benefits out of the box.
The laptop or desktop user enters their name and password, and then instead of an SMS prompt, is presented a button inviting them to “Verify with TypingDNA.” The application pops up in a separate window, with a familiar feel somewhat reminiscent of a CAPTCHA. When the user types in the four words presented, however, the authentication process is completed.
The authentication process, as demonstrated to Biometric Update, is fast; comparable to using an OTP while already on a mobile device, and without the inconvenience common to other desktop 2FA experiences.
Users enroll their typing biometrics by following a prompt to type four words, selected from a carefully constructed list of choices, in the presented order, three times each. Once enrolled, authentication works with the four words typed in a natural way, a single time. The user is not required to remember their words, or anything else. Naturally occurring typos help, rather than hinder the process.
The words making up the list the four-word sequences are selected based on characteristics that make them rich in typing behavioral data, but the user can choose a new set of words if they would be more comfortable with if they prefer. TypingDNA found a connection between text content and the biometric accuracy keystroke analysis can deliver from it, and created an algorithm to ensure effective combinations of words are given to all users.
Ease of use
TypingDNA Verify 2FA enables end users on desktops computers to avoid switching devices – a frequent drop-off point in the customer journey, which causes friction even if the user follows through.
The speed of the authentication experience is also improved on laptops and desktops. This is the case not just compared to mobile device-based OTPs, but also compared to email OTPs or phone calls.
An additional benefit to end-users is that because TypingDNA Verify 2FA is operated by the biometrics provider, the user’s digital identity is federated. They can use the service for authentication with any other organization implementing TypingDNA Verify 2FA by typing their same four words, without any change in the user experience. This innovation of federated biometrics is not found elsewhere in the SMS and 2FA space, Tamas says.
For online service providers across all industries, an improved user experience for a large number of users, eliminating a friction point at a critical moment in the process. This can also help reduce churn.
Faster checkouts also increase the likelihood of completed transactions, repeat business and loyal customers.
A fast and familiar link-based integration process allows vendors and member-driven services to easily adopt greater protection against fraud and compliance with evolving data privacy, age restrictions and payments regulations.
Typing biometrics have now matured to the point of enabling biometric 2FA for any online business, authenticating any online user without a smartphone or tablet. The result, according to Tamas, is the most user-friendly biometric 2FA available on a desktop device.