Are You, You? Seamlessly Fighting Identity Fraud with Keystroke Dynamics

Abstract

PRACTICE-ORIENTED ABSTRACT In September of 2017, Equifax disclosed a data breach that exposed the personal information of 147 million people, including names, Social Security numbers, and addresses. Such high-profile data breaches have rendered traditional forms of identity verification—especially knowledge-based authentication (KBA)—worse than useless: fraudsters have a 92% success rate in KBA screenings, compared to just 46% for genuine customers. In the face of these challenges, digital platforms are turning to sparse alternative data sources and overt verification technologies, often to the detriment of the user experience. The objective of this research is to design and build a novel approach to identity verification for new platform users using digital behavior data—features that describe how users type and interact during account setup. The system (1) evaluates identity fraud risk for all first-time users, and (2) minimizes the impact on the new user experience by seamlessly analyzing behavior during a platform’s existing onboarding experience. We evaluated and improved the design in four experiments, culminating in an identity fraud detection tool that effectively detects identity fraud for first-time users and supports seamless user experiences.