TypingDNA has been recognized as a Sample Vendor in Gartner® Hype Cycle™ for Digital Identity, 2024 and Gartner® Hype Cycle™ for Financial Crime, 2024. Learn more

Mouse Dynamics

Mouse Dynamics is a behavioral biometrics technology used to validate a user’s identity by analyzing unique patterns —such as tiny hand motions— detected in the user’s interaction with their mouse or pointer. Because it enables continuous authentication, mouse dynamics is a great fit for intrusion detection solutions.

What is Mouse Dynamics and how does it work in continuous authentication?

How does mouse dynamics (a.k.a mouse biometrics) work?

Mouse dynamics algorithms interpret the data gathered from a mouse or pointer to build a unique user profile. Mouse dynamics in authentication is essentially being able to validate someone’s identity by the way they use their mouse.

The reason mouse dynamics can assign a unique signal to each user is because of the difference in patterns and variations of each user. Some elements taken into analysis for authentication with mouse dynamics are timestamps for each mouse movement action and the mouse location, and timestamps for each button press.

Although mouse dynamics do not require additional hardware other than the mouse to work, their disadvantage is a lower accuracy when deployed as a standalone authentication method. But when combined with additional authentication factors such as typing biometrics, the accuracy is drastically increased. For example, TypingDNA’s ActiveLock is a Continuous Endpoint Authentication solution that validates users’ identities based on their typing behavior. ActiveLock combines typing biometrics with mouse biometrics to continuously protect company devices. By analyzing mouse biometrics, ActiveLock gets another valuable point of data before deciding to lock the device.

How does mouse dynamics (a.k.a mouse biometrics) work?

Recent developments in mouse dynamics and other behavioral biometrics, such as keystroke dynamics, have allowed for dynamic monitoring of user behavior through seamless continuous authentication.

Prior to this technological advancement, intrusion detection mainly referred to securing a user's access control to systems or networks, typically by validating that user’s identity one time during login through something called periodic authentication. But, this static approach to only verify the user's identity once or sporadically at “the front door” is no longer enough — not only because passwords are easily compromised but also because of increased insider threats associated with more people working from home.