Can Mouse Movements Detect an Identity Thief?

Technology to fight identity theft is growing more and more sophisticated, a critical advancement as hackers continue to find new ways to steal data, identities, and funds from their victims. But a new study just might give cyber security tech experts another tool to fight back against this crime: self-incrimination.

The study went like this: a small group of users was gathered and then broken into a control group and an experimental group. The control group logged into various websites using their own information, but the experimental group had been given fake identity profiles. They were to memorize the information in the profiles and were even quizzed on their knowledge of their assumed identities before beginning.

Interestingly, one of the key issues in the study centered on information that users would automatically know about themselves, but that identity thieves might stumble over.

In this case, zodiac sign was problematic for some. If your birthday is in late August, you know you’re a Virgo; if an identity thief has your birth date, they can easily look it up…the difference was in the ability to answer the unexpected question easily versus having to do a quick online search for the answer.

The overall findings were small but still poignant. The control group logged into various accounts without an issue, but the experimental group not only had some time-delay hesitancy as they recalled the information about their new identities, but they also had some strange habits when using the mouse. Their hands tended to make odd patterns before they clicked that the control group didn’t make, possibly as an involuntary reaction to knowing they were about to type false data into the web fields.

This experiment was conducted in Italy, and then again in Germany just to make sure it wasn’t a cultural issue. While the results themselves really don’t translate into anything useful just yet, with the proper research and analysis, we could be looking forward to the day when our technology and our biometrics can help determine whether or not we’re falsifying our information as we use it.

Since that kind of tech future is still a little way off, we have to remember to keep our identities and data security at the top of our lists. Using strong, unique passwords that we change routinely is a good start, as is making sure our technology isn’t accidentally turning over our information to hackers. After all, those fake user profiles used in the experiment had to come from somewhere…

Read more on the ITRC blog: http://www.idtheftcenter.org/itrc-blogs