TypingDNA recognizes people by the rhythm of their keystrokes - quietly, on any keyboard, on any device.
The wordmark of a company whose whole pitch is that you never have to look at it. TypingDNA works best when you don't notice it working.
Somewhere right now, a bank customer is logging in. They type their email, then their password, the same way they have typed it ten thousand times before - a small hesitation before the capital letter, a quick double-tap on the keys near the home row, a particular gap between the last two characters. They notice none of this. Neither, usually, does the bank. But TypingDNA does. In the milliseconds it takes to submit the form, the company's software has already measured the rhythm and decided whether the person at the keyboard is who they claim to be.
That is the whole business. TypingDNA, headquartered in New York with engineering roots in Romania, sells the idea that the way you type is as personal as a signature and far harder to steal. It is a behavioral biometrics company - the branch of security that authenticates people by what they do rather than what they have or what they remember. No phone to fish out of a pocket. No fingerprint reader. No code texted to a number that may have been hijacked. Just the keyboard already under your hands.
Security has a famous tax: the more you protect an account, the more annoying it becomes to use. Passwords get longer. Codes arrive by text. Apps demand you open another app. Each new layer keeps a few more criminals out and sends a few more legitimate users fleeing for the exit. Banks call the casualties "drop-off." It is an expensive word.
The traditional fixes all share a flaw: they ask the user to do something. Reach for a phone. Read a code. Press a fingerprint. Behavioral biometrics asks for nothing. The verification happens inside an action the user was already performing. That is the gap TypingDNA aimed at - the space between security that works and security that people will actually tolerate.
There was also a harder problem hiding underneath. Phones get stolen. SIM cards get swapped. Codes get phished by increasingly convincing fakes. The factors meant to prove "it's really you" had quietly become things an attacker could acquire. What was left that a thief genuinely could not copy? The argument TypingDNA made was simple: your typing rhythm travels with you and stays in your fingers.
It is a tidy theory. The catch, as with most tidy theories, was getting a machine to measure something so subtle reliably enough that a bank would stake real money on it.
Raul Popa did the unfashionable thing. He started a company by getting smaller. Having spent years managing teams of people, he set out in 2016 to build typing biometrics with a staff of exactly one - himself. The research had begun two years earlier, in 2014, and the public launch came late in 2016. Only after he had proof that the technology actually worked did he invite co-founders Cristian Tamas and Adrian Gheara to help him turn a working demo into a company.
The bet was steep. Keystroke timing is noisy. People type differently when they are tired, when the keyboard is unfamiliar, when they are angry at a form. Earlier attempts at typing biometrics had mostly stayed in academic papers because the real world is messy and accuracy matters when money is on the line. Popa's wager was that modern AI could finally cut through the noise - and that it could do so with as little as a single previous typing sample to compare against.
The company was born in Romania, drawing on the country's deep bench of engineering talent, then transplanted itself to the United States alongside its Series A - timing that landed it in New York just as COVID arrived and the whole world started working from kitchen tables. As accidents of timing go, building remote-work security right when everyone went remote was a fortunate one.
The technology is one thing measured many ways. When you register, the software studies how long you hold each key, how fast you travel between them, the micro-pauses that punctuate your sentences. That fingerprint - a behavioral one - becomes the thing future logins are checked against. From that single capability, TypingDNA built a small family of products.
A second factor that needs no phone. It drops into IAM systems like Microsoft Entra ID, Okta, Ping and Keycloak, returning a risk score from the way a user types.
Continuous authentication for company laptops. It watches who is typing and locks the machine the instant an unauthorized pattern appears - built for device sharing and unattended desks.
The raw engine for builders: record and match typing patterns across web and mobile to power custom authentication and fraud-detection use cases.
A Google Authenticator alternative for the desktop, secured with - what else - typing biometrics.
The common thread is invisibility. Good behavioral biometrics, like good plumbing, succeeds by going unnoticed. The user types. The system decides. Nobody is asked to prove anything they weren't already proving by simply being themselves at a keyboard.
Ideas about security are cheap. Validation is not. TypingDNA collected three kinds. The first was capital: a $7 million Series A in early 2020, led by Gradient Ventures - the venture fund Google runs specifically to back artificial intelligence. When the company whose entire reputation rests on machine learning writes the check for a machine-learning company, the market notices.
The second was regulatory. The European Banking Authority recognized keystroke dynamics as an inherence factor, meaning a European bank can legally count "the way you type" toward its strong-customer-authentication requirements. That is the unglamorous paperwork that turns a clever demo into something a compliance officer can sign off on.
The third was a customer with a name people recognize. BBVA, the Spanish banking group, enabled typing biometrics for fraud prevention - the kind of reference that opens doors at every other bank in the room.
A qualitative comparison of how much effort each method demands from the person logging in. TypingDNA's pitch lives in that last short bar - security the user never has to participate in. Bars are illustrative, not measured benchmarks.
Strip away the product names and the mission is small and stubborn: get rid of the moment where security interrupts your life. Every code you read, every app you open, every prompt you dismiss is a tiny tax on attention. TypingDNA wants to collect that tax silently, in the background, from a behavior you were going to perform anyway.
It is worth being skeptical here, and the company invites it. Behavioral biometrics raises fair questions - about accuracy when someone is rushed or injured, about what happens to your typing data, about how a system fails when it guesses wrong. These are real, and they are the questions that decide whether typing biometrics becomes infrastructure or footnote. TypingDNA's answer has been to keep grinding on accuracy and to chase the regulatory approvals that force it to prove its claims to someone other than itself.
The competitive field is real too - BioCatch, BehavioSec and others work the same behavioral-biometrics seam, and the broader market of 2FA and passwordless vendors circles the same customers. TypingDNA's distinguishing bet is its narrow focus on the keyboard itself.
The direction of travel is clear. Passwords leak by the billion. Phishing kits now defeat the codes that were supposed to save us. AI makes fake voices and fake faces cheap. In a world where almost any static secret can be copied, the things that resist copying are behaviors - the unconscious, physical, hard-to-fake patterns of how a specific person does a specific thing. Typing is one of the most universal of those things. Nearly everyone does it, constantly, without thinking.
Whether typing biometrics becomes a quiet standard or stays a specialist tool depends on accuracy, trust, and how well it plays with the rest of the security stack. TypingDNA has spent a decade betting on the first, courting the second, and building for the third. The Gartner listing and the bank logos suggest the bet is at least still live.
So return to that bank customer, still logging in. Before TypingDNA, the moment of proving their identity was a hurdle - a code, a wait, a second device, a chance to give up. After, the proving simply vanishes into the typing. The login is the same login it always was. The difference is that the keyboard is now watching, and it knows their hands.
The most secure password, it turns out, may be the one you can't write down, can't lose, and can't forget - because you're typing it every time you type anything at all.