Behavioral Biometrics: Dynamic Approach to Authentication and Security

Two factors will play a major role in the growth and development of behavioral biometrics as an advanced authentication and security gate: the biometrics market overall is expected to reach a value of $30 billion by 2021 and cybersecurity will become one of the hottest industries globally by 2020.

Biometrics are gaining more and more popularity in the financial services industry worldwide. The technology is claimed to be the most convenient method as users don’t have to remember the numbers, codes or passwords. Seeking to leverage the technology, a range of banks have turned to testing biometrics on limited audiences/particular markets. It may not take long till the industry makes biometric authentication mainstream and ditches passwords once and forever.

Static vs. dynamic biometrics

Not all biometrics and respectful methods of authentication are born equal. Static biometrics such as vein pattern, fingerprint, retina scan, selfie, are all nearly unchangeable from the point of view of software and hardware that remembers them for the next time a user tries to access a protected device.

Although relatively secure if we were to put passwords next to them, static biometrics may fade in the ability to ensure the proper security in comparison to dynamic solutions, which behavioral biometrics represent.

Behavioral biometrics are ahead of the game when it comes to understanding something that is difficult (not impossible, though, as Gozi tries to prove) to copy individual behavioral patterns – hallmarks of the way one uses his/her devices and navigates on platforms.

Behavioral biometrics solutions are able to create a more precise picture of the user by examining a range of behavioral patterns, actively evaluating the user’s unique kinetic interaction signature with their mobile device, as one of the companies operating in the segment described.

Probably one of the most interesting and important hallmarks of behavioral biometrics is that powered with learning capabilities, they are able to continuously improve the accuracy, learn a wide variety of pattern elements of a particular user and everything in the background, dynamically improving the security layer. The longer solutions are able to monitor and enrich their database, the more secure protection they are able to provide and more accurately recognize the owner of the device.

Innovators in behavioral biometrics solutions market

Behavioral biometric authentication remained quite a niche market with limited solution providers still being considered partially experimental. In 2016, however, the situation may change and new players in the light of the substantial cost of security breaches and security-related tension will be able to bring behavioral biometric authentication to the mainstream.

BehavioSec is probably one of the most well-known behavioral biometrics-based authentication solution provider. In January, the company was reported to enter a partnership with TeleSign, a provider of mobile identity solutions, in order to bring additional capabilities to TeleSign’s mobile identity solutions for securing end-user accounts, preventing fraud and delivering continuous user verification and assurance.

There are, however, other interesting players in the market such as Zighra, which offers adaptive behavioral authentication solutions.

Balabit is also among the favorers of dynamic approach in ensuring data security. The company was recently reported to launch a new version of its behavioral analytics solution at this year’s RSA Conference.

FSTBM is another interesting example as the company’s IMID Access software with In Motion Identification technology allows to identify users at a distance and in motion quickly and accurately.

Swiss-based NetGuardians also goes to the Ivy League of behavioral biometrics. The company has a specialized expertise in user behavior analytics and profiling to implement controls for fraud and compliance challenges. In mid-July, NetGuardians and Sweden’s BehavioSec announced to join forces to leverage their complementary technologies to provide complete fraud protection to financial institutions – and their clients – around the world.

SecureAuth offers technology that uses unique behaviors – keystrokes, mouse movement – to help determine identities with confidence. The company claims its SecureAuth IdP to be the only solution that offers continuous authentication and up to 99% accuracy. SecureAuth’s adaptive authentication/risk-based analysis additionally employs device recognition, threat services, directory lookup, geolocation, and geo velocity. In total, six layers of defense to safeguard user credentials.

NuDetect continuously verifies a user’s online identity by authenticating the user based on their natural interactions online. The solution harnesses behavioral and passive biometric analysis to help clients predict fraud and risk. It allows to identify an authentic user behind the device and builds a detailed contiguous profile of the user based on how they interact with online services using their devices.