Identity Obfuscation Through the Exchange of Keystroke Biometric Data

The study of keystroke dynamics began decades ago, but the field has become increasingly relevant due to current events that have increased public awareness of the erosion of internet privacy. Web servers of 2020 are highly sophisticated at observing and analyzing the behavior of users on their platforms. Current capabilities include detection of fraud and concealed information, predicting demographic traits, and identifying users, all based on idiosyncratic differences in the way users interact with a keyboard. This reality forces the question of whether there is anything that users can do to prevent their own machines from divulging personal information via their keystroke dynamics-driven profile. This research describes an obfuscation technique capable of hiding a user's keystroke dynamics-based fingerprint through a combination of exchanging and randomizing biometric data generated while typing. Additionally, this obfuscation was designed to be as subtle as possible, so that its use would be minimally detectable. The results of this research indicate that there is an inherent tradeoff between the ability to conceal a users identity and the ability to conceal the presence of an identity-hiding tool.