Towards Web-Based Biometric Systems Using Personal Browsing Interests

Abstract

We investigate the potential to use browsing habits and browser history as a new authentication and identification system for the Web with potential applications to anomaly and fraud detection. For the first time, we provide an empirical analysis using data from $4,578$ users. We employ the traditional biometric analysis and show that the False Acceptance Rate can be low ($FAR=1.1%$), though this results in a relatively high False Rejection Rate ($FRR=13.8%$). The scheme may either be utilized by Web service providers (with access to user's browser history) or any Webmaster, using other specialized techniques such as timing-based browser cache sniffing or a browser extension. We construct such a proof-of-concept extension.