noctara . the behavioral signal
the behavioral signal.
an honest specification of the keystroke-timing signal that sits under a reading. what it measures, what it can and cannot support, how it can be defeated, and how it is held. written for enterprise and AI-lab due diligence. it states what is true today and marks what is planned as planned. we make no claim here that we cannot stand behind.
the short version. while you write your reading, we measure the rhythm of your typing, the timing, not the content. that rhythm is reduced to a small set of numbers and stored with the reading you own. it makes a reading harder to fake wholesale and lets us tell, with weak-to-moderate confidence, whether two readings were written by the same hand. it is not a hardened biometric, it is not a login, and it cannot prove identity on its own. we do not claim the body cannot lie.
what we measure
during the reading flow, in our own text fields, we record two families of timing only:
- dwell. how long each key is held down, key-press to key-release.
- flight. the latency between one key and the next, release to press.
the signature does not record which keys were pressed or in what order. it is built from the distribution of those timings: medians, variability, the shape of the pauses. the words you write are processed to produce your reading; the timing is a separate, derived layer. it is captured in the reading flow only, on surfaces we operate. it is not a system-wide keylogger and does not run outside the reading.
what it is for
- continuity. a same-hand signal across a person's readings over time, so a sequence of readings can be checked for whether one author wrote them.
- tamper-evidence. genuine typing has a timing texture. answers pasted in whole, or generated and dropped in, tend to lack it. the signal raises a flag, it does not render a verdict.
- provenance for a read. a reading carries a small record of how it was actually entered, which is part of why a read is harder to manufacture than a questionnaire that only records the final text.
what it can support, honestly
the signal is research-grade today. it is real, it is captured live, and it is stored. its honest strength is a weak-to-moderate same-author signal and a paste / generation tripwire. it is most useful as one input among several, not as a sole gate.
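as an added illustration of the pipeline the sections above describe, not noctara's own code, the python below reduces a constructed stream of key-down / key-up timestamps to the dwell and flight distributions, keeps only a compact statistical vector, runs a paste / flat-cadence tripwire over it, and compares two vectors as a crude same-hand heuristic. the event format, the synthetic typing generator, the features beyond medians, variability and pauses, and every threshold are assumptions made for this example; the real feature set and thresholds are not published on this page.

```python
"""added example, not noctara's code: dwell/flight extraction, a compact
timing vector, a paste / flat-cadence tripwire, and a same-hand heuristic.
event format, synthetic data, extra features and all thresholds are
assumptions made for this illustration."""
import random
from statistics import median
from typing import Dict, List, Optional, Sequence, Tuple

# one keypress = (key_down_ms, key_up_ms), in the order typed.
# key identity is deliberately absent: only timing is kept.
Event = Tuple[float, float]


def dwell_flight(events: Sequence[Event]) -> Tuple[List[float], List[float]]:
    """dwell = how long each key is held; flight = release-to-next-press gap.
    flight may be negative on rollover (next key pressed before release)."""
    dwell = [up - down for down, up in events]
    flight = [events[i + 1][0] - events[i][1] for i in range(len(events) - 1)]
    return dwell, flight


def mad(xs: Sequence[float]) -> float:
    """median absolute deviation: a spread measure a few outliers cannot swing."""
    if not xs:
        return 0.0
    m = median(xs)
    return median(abs(x - m) for x in xs)


def signature(events: Sequence[Event], pause_ms: float = 500.0) -> Dict[str, float]:
    """reduce a reading's timing to a small vector; nothing about the text survives.
    pause_ms (assumed threshold) separates ordinary flight from a thinking pause."""
    dwell, flight = dwell_flight(events)
    pauses = [f for f in flight if f > pause_ms]
    return {
        "n": float(len(events)),
        "dwell_med": median(dwell) if dwell else 0.0,
        "dwell_mad": mad(dwell),
        "flight_med": median(flight) if flight else 0.0,
        "flight_mad": mad(flight),
        "pause_rate": len(pauses) / len(flight) if flight else 0.0,
    }


def tripwire(sig: Dict[str, float], text_chars: int,
             min_cover: float = 0.6, min_flight_mad_ms: float = 5.0) -> Optional[str]:
    """paste / generation tripwire: returns a reason to flag, or None.
    a flag is a question for a human, never an auto-reject. thresholds assumed."""
    if text_chars > 0 and sig["n"] < min_cover * text_chars:
        return "low keystroke coverage: final text far longer than the typing recorded"
    if sig["n"] >= 20 and sig["flight_mad"] < min_flight_mad_ms:
        return "flat cadence: inter-key timing too uniform for a human hand"
    return None


FEATURES = ("dwell_med", "dwell_mad", "flight_med", "flight_mad", "pause_rate")


def same_hand_distance(a: Dict[str, float], b: Dict[str, float]) -> float:
    """0.0 = identical timing vectors; larger = less alike. each feature is
    scaled by its larger magnitude so milliseconds and rates weigh equally.
    a weak heuristic, not a biometric: treat a mismatch as a question."""
    total = 0.0
    for k in FEATURES:
        scale = max(abs(a[k]), abs(b[k]), 1e-9)
        total += abs(a[k] - b[k]) / scale
    return total / len(FEATURES)


def synth_typing(n: int, dwell_ms: float, flight_ms: float, jitter: float,
                 pause_p: float, seed: int) -> List[Event]:
    """constructed sample stream, not real data. jitter is a fraction of the
    mean timing; jitter 0 and pause_p 0 give a machine-regular cadence."""
    rng = random.Random(seed)
    events, t = [], 0.0
    for _ in range(n):
        d = dwell_ms * (1 + jitter * rng.uniform(-1, 1))
        events.append((t, t + d))
        t += d + flight_ms * (1 + jitter * rng.uniform(-1, 1))
        if rng.random() < pause_p:
            t += rng.uniform(600, 1200)  # a thinking pause
    return events


# constructed inputs: two sessions from "hand a", one from "hand b",
# a 3-keystroke paste of 400 chars, and a scripted perfectly regular stream.
HAND_A_1 = synth_typing(200, 90, 140, 0.4, 0.08, seed=1)
HAND_A_2 = synth_typing(200, 90, 140, 0.4, 0.08, seed=2)
HAND_B = synth_typing(200, 50, 300, 0.4, 0.08, seed=3)
PASTED = synth_typing(3, 90, 140, 0.4, 0.0, seed=4)
SCRIPTED = synth_typing(200, 90, 140, 0.0, 0.0, seed=5)

if __name__ == "__main__":
    a1, a2, b = signature(HAND_A_1), signature(HAND_A_2), signature(HAND_B)
    print("human:", tripwire(a1, 200))  # None
    print("paste:", tripwire(signature(PASTED), 400))
    print("script:", tripwire(signature(SCRIPTED), 200))
    print("a1 vs a2:", round(same_hand_distance(a1, a2), 3),
          "a1 vs b:", round(same_hand_distance(a1, b), 3))
```

the tripwire returns a reason string rather than a boolean so the flag can be surfaced as a question to a reviewer, which is the posture the threat model below describes: flagged, not auto-rejected. negative flight values are kept on purpose, because rollover is normal fast typing and is itself part of a hand's texture; dropping it would throw away signal and penalise quick typists.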
what it cannot do
we are explicit about the ceiling, because overclaiming here would be the easiest way to lose an enterprise reviewer's trust.
- it is not a hardened biometric authenticator and is not used to log anyone in. authentication is handled separately by Sign in with Apple, email magic links, sessions, and the behavioral mark.
- its false-accept and false-reject rates have not been formally benchmarked at scale. we will not publish an accuracy number until we have measured one honestly. planned
- it is degraded by pasting, by switching keyboards or devices, by mobile autocomplete, and by assistive technology. these are normal, legitimate behaviors, so the signal must never be the only thing standing between a person and their own data.
- it can in principle be mimicked by a determined adversary who models a target's cadence. we treat it as raising cost, not as unforgeable.
- we do not claim it reveals truth, detects lying, or that "the body cannot lie." it measures rhythm, nothing more.
threat model
| vector | honest current posture |
|---|---|
| paste / AI-generated answers | the most common way to fake a read. low or absent keystroke texture is a tripwire; flagged, not auto-rejected. this is the signal's best case. |
| replay of a captured vector | vectors are derived features tied to a reading, not a reusable credential. a replayed vector cannot log in because the signal is not an authenticator. binding hardening planned |
| cross-device drift | a real person on a new keyboard looks different. we treat a mismatch as a question, never as a denial of access to one's own reading. |
| shared / delegated accounts | two hands on one account will not match. surfaced as a continuity flag, useful to a leader, never used to punish. |
| adversarial mimicry | cadence can be modeled with effort. we claim cost, not impossibility, and lean on consent and other signals rather than this one alone. |
privacy posture
- derived, not raw. what we keep is a compact statistical vector, not a transcript of keystrokes.
- owned by the person. the vector lives with the reading the person owns. a coach or organization sees a read only with that person's explicit consent, and never sees raw answers.
- not sold, not cross-linked. the signal is not sold, not used to track a person across sites, and not used to identify anyone who has not taken a reading.
- encrypted at rest by our managed database provider and moved over TLS in transit. see the security and subprocessors pages.
roadmap, marked honestly
- formal false-accept / false-reject benchmarking on a real population. planned
- a trained same-author model to replace the current heuristic thresholds. planned
- on-device capture parity for the iOS reading flow. planned
- tighter cryptographic binding of a vector to a single reading session. planned
if you are evaluating this for a licensing or partnership context, the honest pitch is narrow and real: a consent-first, privacy-preserving rhythm signal that makes a behavioral read harder to fake and gives a same-author check over time. it is a differentiator, not a magic key. questions: hello@noctaracorp.com.