Invisible Biometrics Month: Biometrics Versus Malware

Behavioral Biometrics

While many biometric modalities focus on a single physical characteristic that can be measured and matched – be it a facial characteristic, fingerprint, the sound of your voice or even your heartbeat – behavioral biometrics are more elusive. The way that you interact with the world both online and off is characterized by a unique signature made up of human minutiae that some of the newest biometric technologies can now capture.

Behavioral biometrics solutions, also categorized as behavioral analytics, can offer persistent and frictionless authentication. Online and via mobile device, solutions like those offered by authentication and anti-fraud company BioCatch monitor a user’s behavior and compare it to a comprehensive psychological profile. BioCatch Mobile, for instance, accounts for things like right or left handedness, device preference, hand tremors, press size and hand-eye coordination.

As mobility continues to gain traction as the online access point of choice for users around the world, behavioral biometrics are poised to greatly benefit from the myriad sensors that can measure the various ways we interface with our devices. New innovations like touch screen gesture recognition and Apple’s force-touch expand the micro-characteristics that can be used to authenticate users, and metrics like walking gait have been on the minds of innovators for years; a keynote at the 2013 iteration of Biometrics UnPlugged suggested that it be employed as logical access control for handsets.

While behavioral biometrics have plenty to offer in user authentication, they also have a second function in the online space: they can weed out malware.

Man Versus Machine

Malware is a major vehicle for financial fraud and behavioral biometrics can be deployed to detect non-humans attempting this online crime. Generally, these attempts at cybercrime are met with hugely inconvenient tests of human sentience. Captcha images are the most common of these, presenting users with an image of text that must be entered into a text field before creating an account. Other old-style two step solutions for human detection involve the typing of a spoken phrase or having a one-time password sent to a mobile device and then entered.

In this scenario it’s easy to identify the demand for a frictionless situation. In the same way that passive voiceprint biometrics are replacing cumbersome security questions in call center operations, behavioral biometrics are breaking down barriers for online services.

Threat detection solutions like those offered by behavioral analytics company NuData Security and, again, BioCatch, have proven incredibly adept at recognizing non-human behavioral profiles. BioCatch has even gone as far to visualize the profiles of certain malwares and offer them as art in a clever marketing campaign.

As the technology to detect non-humans evolves alongside that of actual behavioral authentication, what we are beginning to see is a robust biometric offering that has built-in liveness detection. A website that has behavioral user authentication running in the background that is also able to detect human-impersonating bots can potentially offer visitors an optimal experience in terms of convenience.

Just Be Yourself

The emergence of behavioral biometrics as a viable mode of authentication is both exciting and affirming of the base concept of identity. The implication that all of our quotidian gestures, when combined, paint a snowflake-like picture of who we are is empowering for those of us who enjoy our autonomy. In the age of social media, that counts as just about everybody.

Beyond the realm of online activity and mobile access control, the concept of behavioral biometrics is being applied to large scale disaster response programs, thanks to technology like NEC’s behavioral system being employed in Tokyo. Additionally, as the mobile ecosystem expands with consumer wearable tech, and behavioral sensors proliferate as a result, the systems can become increasingly robust.

What’s more, behavioral biometrics can obviously be integrated into a larger mutli-factor system, providing an invisible foundation than can scale up security as dictated by whether or not the user is behaving like herself. Imagine a system that is frictionless when it recognizes you, but upon detecting anomalies requests your fingerprint, face or voice for good measure. You would not be the first.

The advent of behavioral biometrics is an excellent example of the golden age of innovation that consumer biometrics tech has entered. As the need for greater convenience and security spurs innovation, the inventive minds in the identity management industry are discovering new ways that we are all unique, and how to prove it to the world. With invisible biometrics, it’s beginning to become apparent that the key to standing out is to just be yourself.

Stay with FindBiometrics throughout the rest of July as we continue to delve deeper into the world of invisible biometrics. Join in the conversation by following us on Twitter and using the hashtag #FBinvisible.

—

July 15, 2015 – by Peter B. Counter

Partners

FaceTec’s patented, industry-leading 3D Face Verification and Reverification software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ finally make trusted, remote identity verification possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for 3D Liveness and Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

AuthenticID provides 100% automated identity verification and fraud detection solutions that are leveraged by companies worldwide, including 2 of the top 3 U.S. Banks, 8 out the top 10 wireless providers in North America, and 2 of the 3 credit bureaus. Using proprietary computer vision and machine learning technology, these solutions help companies accurately verify the identity of their users across retail, digital and call center environments for onboarding and ongoing re-authentication events; KYC, IAM, and more. The solutions are easy to integrate and provide customers a large ROI by stopping fraud losses, increasing customer conversion at onboarding, reducing operational costs and allowing quick and cost-effective operational scalability, all while ensuring global privacy regulations are complied with. https://www.authenticid.com/

Anonybit is a privacy-focused technology platform that provides decentralized solutions for securing personal data, particularly biometric information. Rather than storing sensitive data in centralized repositories, which are vulnerable to breaches, Anonybit uses a distributed architecture that breaks data into smaller encrypted bits and stores them across a network of decentralized nodes. This approach ensures that no single entity has access to the full dataset, enhancing privacy and security, even preventing insider threats. Anonybit is used by leading banks, fintechs and other enterprises for critical biometric identity functions like deduplication and blocklist checks, step up authentication, passwordless login and account recovery https://anonybit.io/

Identity Week aims to be a significant identity industry catalyst. It’s our mission is to help accelerate the move towards a world where trusted identity solutions enable governments and commercial organisations to provide citizens, employees, customers and consumers with a multitude of opportunities to transact in a seamless, yet secure manner. All the while preventing the efforts of those intent on doing harm. https://identityweek.net/

The Biometric Digital Identity Prism is a market landscape framework designed to help influencers and decision makers understand, innovate, and implement digital identity technologies and solutions. This innovative framework for understanding and evaluating the rapidly evolving biometric digital identity marketplace is the only market model that is truly biometric-centric based on the foundational conviction that in the age of digital transformation the only true, reliable link between humans and their digital data is biometrics. https://www.the-prism-project.com

ID R&D is an innovator of biometric facial liveness, document liveness, and voice biometrics. Ranked #1 by NIST, our patented passive approach to liveness, and specialized detection of voice clones, injection attacks and deepfakes, empowers KYC and authentication systems with fast, accurate and secure biometric verification technologies. Over 140 partners in more than 70 countries are collectively processing hundreds of millions of identity checks per year. ID R&D solutions easily integrate with mobile, web, messaging, smart speakers, set-top boxes, and IoT devices. Learn more: www.idrnd.ai

Behavioral Biometrics

Man Versus Machine

Just Be Yourself

Footer

Follow Us