
How Is Mouse Data Used? 

Mouse data is used to infer a human’s presence at the machine. TruU is experimenting with a set of identity verification models, similar in nature to the existing typing models, which utilize the behavioral biometrics inherent to the way a pointing device is used by different individuals.

Mouse Capture and Processing Flow 

  1. Cursor Capture: Timestamp as well as cursor x, y coordinates with respect to the primary monitor. 
  2. Presence Monitor: CAuth generates real-time estimates of user presence at the machine based on input device usage.
  3. Persistence: Cursor location information, external monitor information, and metadata are persisted locally in a secure database. 
  4. Archival: Cursor location information, external monitor information, and metadata are first anonymized then transmitted to the cloud for use in training user behavioral models to improve CAuth performance. 

Usage In Risk Calculation 

  • Mouse data is currently used to infer when a user is at the machine, allowing CAuth to estimate the likelihood that the machine has remained in the possession of a single individual. 
  • The time evolution of CAuth risk estimates is based on the above likelihood estimate.

Persisted Data 

  • X, Y Coordinates - The position of the cursor relative to the primary monitor. 
  • dX, dY - Number of pixels travelled since last measurement taken. 
  • X, Y Scroll Distance - The amount scrolled, if any, in either direction (e.g. via a scroll wheel). 
  • Buttons - Buttons pressed, if any, at this time. 
  • Timestamp - Time of the measured event. 
  • App - The app(s) active while the keys were typed.
  • CAuth data - Additional labels and/or values generated by CAuth which are not constructed from any of the typing data, for use in other aspects of the total CAuth system. 

Privacy and Security Safeguards 

Protecting user privacy and securing sensitive data are foundational principles in the design of CAuth.

Local Processing and Non-Recoverable Representations

  • Secure Database: All recorded mouse data is stored in an encrypted local database on the endpoint device, which is further protected by restricting read or write access to Admin users only. Encryption keys are device-specific, ensuring that even if the database is copied, its contents remain inaccessible.
  • Anonymization Before Cloud Upload: When mouse data and associated metadata are transmitted to the cloud (for system improvement or analytics), they are first anonymized so that the data has no link back to the identity of the individual from whom it was recorded.
  • Short Retention Windows: Data stored locally is retained only as long as necessary for risk assessment, model training and evaluation, with automatic purging after a default period (e.g., 14 days).
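
The persisted fields and the retention window described above, sketched as an added example; this is not TruU or CAuth code. The table layout, the function names, the in-memory SQLite store (encryption omitted) and the reading of dX/dY as signed per-axis differences are all assumptions made for illustration.

```python
import sqlite3

RETENTION_DAYS = 14  # default period given on this page
DAY = 86_400.0       # seconds per day

# Hypothetical table; columns mirror the "Persisted Data" list.
SCHEMA = """CREATE TABLE mouse_events (
    ts REAL NOT NULL, x INTEGER, y INTEGER, dx INTEGER, dy INTEGER,
    scroll_x INTEGER, scroll_y INTEGER, buttons TEXT, app TEXT)"""

def open_store():
    # Assumption: in-memory stand-in for the encrypted local database.
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    return db

def record(db, ts, x, y, scroll=(0, 0), buttons="", app=""):
    """Insert one sample; dX/dY are pixels travelled since the last sample."""
    prev = db.execute(
        "SELECT x, y FROM mouse_events ORDER BY ts DESC LIMIT 1").fetchone()
    dx, dy = (x - prev[0], y - prev[1]) if prev else (0, 0)
    db.execute("INSERT INTO mouse_events VALUES (?,?,?,?,?,?,?,?,?)",
               (ts, x, y, dx, dy, scroll[0], scroll[1], buttons, app))

def purge_expired(db, now, retention_days=RETENTION_DAYS):
    """Delete rows older than the retention window; return rows removed.
    A row exactly at the cutoff is still inside the window and is kept."""
    cutoff = now - retention_days * DAY
    cur = db.execute("DELETE FROM mouse_events WHERE ts < ?", (cutoff,))
    db.commit()
    return cur.rowcount

def demo():
    """Constructed samples: one 20 days old, two from the last minute."""
    now = 1_700_000_000.0
    db = open_store()
    record(db, now - 20 * DAY, 100, 100, app="editor")
    record(db, now - 60, 400, 300, app="browser")
    record(db, now - 59, 410, 290, buttons="left", app="browser")
    removed = purge_expired(db, now)
    rows = db.execute(
        "SELECT dx, dy FROM mouse_events ORDER BY ts").fetchall()
    return removed, rows
```

Running the purge on a schedule, rather than only at write time, keeps the window enforced on machines that sit idle.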