A Quick Reference Guide: Running a Demonstration
This demo is designed to allow you to observe how our behavioral multi-factor authentication profiles are created and to test their effectiveness. If you aren’t already familiar with TickStream.KeyID, please click here to learn more. There are two steps to the demo:
- Build your own Behavioral Profile by entering your password through an active enrollment process.
- Test authentication effectiveness with family, friends and coworkers. Watch and show them how you are able to login but they cannot.
How to Build a Profile:
- Choose a quiet, calm environment where you can type comfortably.
- Use your everyday PC or laptop keyboard for all entries. Your keyboard should be on a hard/desk surface (not in your lap)
- Choose an easily-remembered password or short phrase.
- Do NOT use your actual password (full text is kept and displayed for transparency of the demo).
- Use a variety of characters (spaces, uppercase/lowercase, numbers, and special characters – combining a few of these allows your fingers to “strut their stuff”).
- The phrase or password should be between 13-25 characters.
- Do not use NumLock or CapsLock.
- Type easily, and at your normal speed.
- Be yourself and behave consistently.
- All profile-building entries must be done by the same person who is making a legitimate effort to consistently work the way they would every day under normal conditions.
- Make around 40 password entry tries total. Ideally you would do this over a period of time, and not all at once (as would happen in an everyday environment) so that your fingers move naturally, and not rhythmically as if you were in a keyboarding rut.
- Follow the onscreen instructions and inform us when your profile entries are complete.
How to Test and Share Results:
- Enter your username
- Enter your password consistently with how you did when you built your profile.
- Show or tell your password to a friend, family member, or coworker.
- Ask them to try and hack into your account.
- Too many consecutive login failures may lock your profile and you will need a QR Reader app on your smartphone to unlock your profile for continued testing.
When you’re ready to proceed to the demo, go to the enroll page to build your profile. You can visit the login page to test your profile.
If you have questions or would like further explanation, please refer to these FAQs:
What is the purpose of this demo?
The goal is to see algorithm performance — not deployment scenarios, and not testing a planned or hypothetical installation. A robust testing framework is available for companies who wish to initiate a pilot or setup a test installation environment. This demonstration allows you to understand how it works, not to “show” how it doesn’t work, by doing something like mashing the keyboard with a block of wood (an actual example) or altering your behavior in an inconsistent manner. When demonstrating, people want to see and experiment right away, on their schedule. So, for demonstrations, IA plays the part of the Host, and there is more setup and procedural rules that have to happen for the algorithms to work on a compressed schedule. This demo gives you the ability to do that rapidly.
Can I use a touchscreen keyboard on an iPad?
Not for the purposes of this demo. Regular, physical keyboards (rather than on-screen virtual keyboards) will usually work better because the actual finger-down movement adds extra discriminating data elements. IA can support multiple keyboards, but the demonstration is not configured to show that.
Why can’t I use NumLock or CapsLock for the password?
The algorithms are measuring your effort at a subconscious level. CapsLock and NumLock involves too much of an awkward and conscious physical motion. The demonstration site will not allow their use.
Why do I have to use a variety of characters?
This has nothing to do with complex passwords to make them unguessable, and there are no specific rules about order or minimum complexity. This is only to help avoid a monotonous pattern, such as “mzmzmzmzmz”, which works as a password, but will cause behavioral performance difficulties. Again, this is about showing movement, not about arbitrary password rules.
Why do I have to make about 40 entries of the same password?
Our machine learning algorithms take some time to learn your unique behavioral signatures. The demo is commonly completed in an active enrollment whereby you repeat these entries in a short period of time. Ideally, you should do this in a couple of different sessions of 10-15 each. These entries will be pared automatically to around 25 by the machine learning algorithms to build your profile. After installation, there is no fixed number of enrollment efforts. The algorithms simply ‘wake up’ after they get to know you. 100% invisible and frictionless.
What’s the difference between the demonstration and a test environment?
The demonstration is designed to show how simply the technology works and creates a forum to engage in questions and answers for possible deployments. Testing considers unique circumstances of the application for an actual deployment and technology stack and real-world implementation of the technology. In deployment, the process is out-of-sight.
DEMONSTRATION (we host)
Visible, Participative & Manual
DEPLOYMENT (you host)
Invisible, Autonomous & Automatic
Please contact us if you have additional questions or would like assistance.