Subscribe
Sign in
TypingDNA Authentication API — Secure users by their typing behavior with free low-code API
Recognize users by their typing behavior with our low-code API and the free unlimited Developer version. Collect user typing patterns on any platform without friction, submit in one API call, and let us do the rest.
72
Replies
Best
@sebastian_maraloiu what's the most exciting part for you? we, @TypingDNA, can't seem to agree, for us everything is exciting (obviously :)), so a 2nd opinion could help a lot.
I've been a fan of @raulpopa and TypingDNA since meeting them at Techstars. Very excited to see them launching their new dev tool. Congrats on the launch!
@raulpopa @hellobrent thanks! I appreciate your support. We're preparing to launch something very interesting in a few weeks again. Stay tuned!
Very cool concept and demo. But kinda useless when we (me) use password managers to autofill fields or generate passwords, in more than 90% of the cases :P
@frexuz Legitimate point for the username/password scenario -- but consider this: with our SDK's, developers can target any input form on their web page for us to record typing patterns. It isn't restricted to login (user/pass) fields, this is why we thrive in 2/MFA scenarios. After autofilling your user/pass, you are typically confronted with a 2FA step-up if you have it enabled in an app. This might mean you have to get your phone out, or check your email and do some copy / pasting. If that app took advantage of typing biometrics instead, all you would have to do is type some words to confirm your identity.
@kyle_hunt1 ah, so only as a replacement to the 2FA step, that makes sense! (In the auth scenario)
@frexuz Indeed, in the autofill scenario! But our API is flexible and doesn't impose any restrictions on where developers put us in their authentication flow -- the choice is really theirs and made based on what makes sense for their users. Many target login/pass fields to get 2 factors as users type their credentials instead of the usual one, but others may use it in place of a second factor after signing in (for example, if a device is not recognized). Thanks for the good question
Crazy how such a powerful tool is made free, hope it brings awareness to the market and more people actually using it. Congratulations guys, this looks awesome!
@carlosleisantos I agree, I hope to see more people using it, especially developers should try it out. Thanks for the nice words.
Hi Raul, looks fantastic! How strong is the ability to differentiate. Say if 10,000 people type the same word?
@shane_lowe1 Great question! The technology needs a bit more text than just a word. The "same text" version works well with anything around 20-40 chars (e.g. email address+password). In the particular case of 30 chars, in our tests we were able to reach absolute 0% FAR in approx. 10,000, but that comes with some FRR (false reject). It also depends on how many previous samples one submits, the technology works even with just one or two, but starts shining at minimum of 3.
In essence we can say the technology is comparable with face recognition based on regular camera (even better because regular camera based face recognition tech can be easily hacked). On mobile devices however, we're able to reach similar accuracy with about half the amount of text because we're also looking at telemetry data (device movement while the user is typing).
I do hope that you seriously consider internally naming this package TypingRNA :) Great news, guys! Can't wait to play with it.
@kristache, thank you!! When ready, just head here (no credit card required) https://www.typingdna.com/client...
This is seriously awesome. Tried all the demos, purposefully manipulating my normal typing by various amounts and it matched my assumptions about how much it would tolerate before failing the auth.
@brian_fritton Always happy to see such feedback. Is there anything you don't like about it? Or something you'd change about the demos, functionality, etc?
@dragos_bulugean We are glad that you love this. You can quickly try to see how it works: https://www.typingdna.com/#demo
@dragos_bulugean please let us know what you think of it once you try it out
@anant_garg Hey! We have recorders/SDK's for the web (JS), Java/Android/iOS/React Native as well as a Node client for server-side communication with our API's. They're all open source and up on our GitHub, let me know if you have any questions -- or have an additional platform in mind you think we should consider! It's important to us that we are present wherever people are typing, so be on the lookout for more platforms in the future.
Side note: Very impressive product you've built with cometchat. You clearly are familiar with the struggle of abstracting complexity to simplify things for the user :) And kudos on the API docs!
@alexiskold, thank you for your continued support and all the advice and help during all these years!
TypingDna is really a game changer in the World of Security and Biometrics. It helps to eliminate most hacking threats that affects most Web application online ranging from phishing, Brute Force Attack, Session Hijacking, Session Fixation Attack, Spambots Attacks etc. I have already used TypingDna to implement a plugin for Wordpress via Multi-Factor or 2 way factor authentications to protect over a billion of Web-hosted applications running on Wordpress
Looks like a gamechanger @tamascristian and the TypingDNA team. Proper execution :)
@lisapopovici Thanks! We wanted to make it free so that more people get to use the technology.
Congratulations Raul!
The dashboard looks incredibly sleek! And the API key tracking/graphs etc. are super useful!
Would love to know behind-the-scenes details of what your experience was like building an API product. E.g. Did you implement API key generation/credits/monitoring/graphs etc. yourself or did you use some external API gateway solution?
@essaygirlsdaily Hey Laura -- we chose to implement the API management features you listed ourselves. That is not to say everything was written from scratch, of course -- libraries are leveraged where it makes sense (Chart.js for the dashboard visualizations). The decision to not rely on a core API management service/provider is simply that it wasn't needed -- our team had a specific set of well understood requirements, and a preference to spend our time developing the right solution rather than configuring an off-the-shelf product to fit our needs (inevitably changing our requirements to fit the constraints of the service along the way).
That said, we're always re-assessing the tech we use and aren't dogmatic about it -- if a feature on the API side were best addressed by a 3rd party service in the future, it would be considered. I hope that answers your question, it seems like a popular topic -- perhaps we should write a blog post in the future on our behind-the-scenes tech. Thanks
@daniel_rotaru, thank you! The idea is for this not to be a barrier for integrations. Especially considering it's a new technology.
@osnatbenari Thanks!
Well, that's an interesting topic! But I'm not sure though we need to replace social login as much as we need to improve it.
@alistair_holmes Great question! I can assure you there are more than a few Flutter enthusiasts in our ranks (myself included). We prioritize cross-platform availability of our recorders, right now we have official releases on iOS, Android and RN -- as they represented the most popular platforms at the time they were released. But with Flutter's meteoric rise and increasing maturity over the past year, it's very much on the radar. For now, devs can leverage our platform-specific code on Github to collect patterns from their users, but this can and should be made even easier in the future.
TypingDNA