What Is Keystroke Encryption?

Security is a serious concern for anyone who uses the Web, but especially when your business data could be at risk. Computers can easily become infected with malware programs that you may remain totally unaware of. There are many ways to deal with this problem, including using security software such as anti-virus or firewall programs. Keystroke encryption involves a different approach to particular types of malware, specifically the malicious programs that attempt to record your keystrokes as you type. Keystroke encryption can remain effective even if your computer has become infected, affording your business an additional layer of security.

When you use a computer to access a service over the Internet, such as an online banking site, you typically enter login details to access your account. Having a secure way of accessing such sites is vital, as unauthorized access may expose you to fraud or theft. If you access Web services with which you share sensitive business information, this risk is serious. The login details for most sites include a username, or email address, and a password. As long as these are well chosen and kept secret, there is a good chance that no one will manage to guess them in order to access the accounts in question.

Some types of computer malware are designed to capture typed keystrokes. Using this data, the malicious programs can retrieve passwords and other login details from sites you have accounts with. These keyloggers record which keys you type on your computer as you access Web services or create documents. With this type of malware running on a computer, it does not matter how well chosen or secure a password is, as the keylogger records it regardless.

To avoid the situation in which a keylogger program successfully captures keystrokes, you can use anti-virus or other security software options. However, these can never guarantee success in either detecting or removing malicious programs. An alternative approach comes is keystroke encryption. With this technique, it does not matter if your computer has keylogger malware on it, as the keystrokes you type are themselves encrypted before the malware can capture them. All that is recorded by any keylogger malware present is nonsense characters. This adds a level of security when entering sensitive business information or account details.

The keystroke encryption technique involves processing at a low level within the operating system kernel for a computer. The encryption process takes place after you type each character but before the associated data has been sent to the application you are using, such as the Web browser program. Intervening at this stage prevents malware from being able to access the keystrokes you type. Before being sent to the application you are using, your keystrokes are encrypted, then unencrypted once they reach the application, so that between these two points the data remains encrypted and therefore inaccessible to the malware. One limitation is that keystroke encryption software typically only thwarts software keyloggers though, not hardware keylogging devices.