Traces how anti-bot systems read the clock instead of the cursor: event-dispatch latency, requestAnimationFrame cadence, input-to-action gaps, and why synthetic interaction keeps a suspiciously clean beat.
Traces how pointer motion becomes a biometric for bot detection: Fitts's law, bell-shaped velocity profiles, the two-thirds power law, micro-jitter and overshoot, and why straight-line and Bezier synthetic paths get flagged.
Traces how the browser separates real input from fabricated input: the isTrusted flag and its unforgeable layout, the prescribed pointer and mouse event sequence, and why CDP-injected events that read as trusted still leak through timing and missing telemetry.
Traces what mouse, keystroke, and touch dynamics actually measure, how continuous authentication differs from a login check, how BioCatch and BehavioSec build the profile, and why behavioral data sits in a regulatory grey zone.
A primary-source reference on keystroke dynamics: how dwell time, flight time, and digraph latencies are measured, the path from telegraph fists to LSTM auth at internet scale, and where the accuracy claims actually hold.
A reference on the detection side of mouse dynamics: the curvature, velocity, acceleration and pause features detectors extract, the classifiers that separate human from bot, and the Balabit dataset that anchors the literature.
A reference on touch dynamics as a behavioral biometric: the raw signals a phone exposes (pressure, contact area, velocity, curvature, tap timing), the features built on top of them, and how the same signals drive auth and bot detection.
How DeviceMotion and DeviceOrientation readings separate a handheld phone from an emulator, why flat or looped sensor streams give automation away, and how the iOS and Android permission models gate the whole signal.
A reference on session-replay pipelines: the DOM snapshot plus incremental-mutation model, the mouse, scroll, focus and input events that get streamed, the FullStory and Hotjar lineage versus fraud-vendor use, and the privacy leaks.
Behavioral models need history to judge a user, so first-session and new-account verdicts are structurally weak. Traces how vendors bootstrap with population models, device signals, and progressive trust, and where each fallback breaks.