    Behavioral Biometrics

    THE DEFINITIVE PLURILOCK GUIDE

    What is behavioral biometrics?

    2017 marked an all-time high for global cyberattacks, with nearly 160,000 incidents reported—almost double the 2016 count of 82,000.[1] This trend shows no signs of slowing. By 2021, costs related to cybercrimes such as identity theft will reach a staggering $6 trillion annually.[2]

    In today’s world of increasingly sophisticated cyberattacks, traditional authentication methods—including multi-factor methods that rely on SMS, mobile identity, or authenticator apps—are not strong enough. Organizations increasingly need state-of-the-art cybersecurity measures that provide persistent, adaptive authentication while simultaneously reducing expensive administrative headaches and end-user friction.

    Enter behavioral biometrics.

    Behavioral Biometrics Defined

    Behavioral biometrics is an evolving technology that authenticates users based on patterns in their behavior. It identifies unique, individual regularities in the ways that people type and move, rather than identifying parts of their bodies (fingerprints or irises), things that they have (key fobs or phones), or things that they know (passwords or biographical details).

    Unlike traditional authentication methods, which authenticate only when access is initiated, behavioral biometrics technologies authenticate continuously, evaluating a user’s ongoing interaction with their mobile device or computer in real time.

    How it works

    Passwords, personal data, and key fobs are easily stolen—but it’s far less easy to “steal” the unique micro-variations in an individual’s movements.

    Every person behaves in a completely individual way. The gait with which someone walks, the fluctuations in vocal tone as they speak, and the cadence with which they type are as unique as fingerprints—but are much harder for malicious actors to capture, much less duplicate. Behavioral biometrics uses these patterns to authenticate users and protect data.

    Plurilock’s behavioral biometric tools run on the actual mobile devices and computer systems connected to an organization’s data. Each user with valid access automatically generates a behavioral profile that reflects the distinct ways in which he or she interacts with critical systems—gestures such as keystrokes, screen swipes, and mouse movements.

    Once a user’s profile is learned, their gestures are monitored silently, in real time, to continuously authenticate identity. If behavioral patterns that don’t match the profile occur, the system can immediately prompt for other forms of authentication, block access, or lock the device down entirely.

    At present, behavioral biometrics is best seen as a powerful, non-overlapping addition to other forms of authentication. In the future, as behavioral biometrics matures, it will likely replace other authentication methods entirely.[3]

    Behavioral Biometrics: Chapter 1

    TYPES OF BEHAVIORAL BIOMETRICS

    Though the field of behavioral biometrics continues to evolve, three basic types of behavioral biometric data can already be identified: kinesthetics (body movements), vocal patterns, and device-based gestures.

    Body Movements

    Posture: The unique properties of an individual’s body position and weight distribution while standing or while seated.

    Gait: An individual’s unique walking style, including characteristic movements made while in motion: stride length, upper body posture, and speed of travel relative to these.

    Handling: The way an individual holds or handles a mobile device is another unique factor of behavioral biometric data.

    Voice Inputs

    Vocal Patterns: The unique, regular variations in sound that occur as a user speaks or vocalizes.

    Device-Based Gestures

    Keystroke Dynamics: Typing patterns that vary uniquely from user to user. These include a combination of keystroke speed, keystroke duration, variations in these for particular key sequences, and characteristic patterns that occur when typing common groups of keystrokes such as words or control sequences.

    Touchscreen Swipes / Mobile Interactions: The unique ways in which users swipe, tap, pinch-zoom, type, or apply pressure on the touchscreens of mobile devices like tablets and phones.

    Cursor Movement: Unique patterns in mouse or trackpad cursor movement including paths, tracking speed, direction changes, clicks, and the relationships between these.

    BEHAVIORAL vs. PHYSIOLOGICAL

    Behavioral biometrics tools differ in key ways from less secure physiological (body-based) biometrics tools.

    Physiological

    Physiological biometrics relies on the structures of the body for identification—for example, on fingerprints, on facial dimensions, or on the parts of the eye. Though these structures make each individual body unique, they are static, which leaves them more vulnerable to being scanned or photographed, then reconstructed for malicious use.

    Behavioral

    Behavioral biometrics identifies patterns in the ways that particular bodies perform particular tasks—patterns in walking, speaking, typing, or even touchscreen and mouse behavior. These patterns are prohibitively difficult to capture and replicate, and they evolve over time.

    Behavioral biometrics tools profile these patterns, then evolve with the user. They leverage powerful statistical models and machine learning to spot the differences between a known user’s gradual evolution and the unwanted presence of an entirely different user.

    Use Cases

    Behavioral biometrics tools are suited to a wide variety of authentication and access management tasks, most notably in healthcare, critical infrastructure, financial services, and other high-security environments. Behavioral biometrics can prevent or mitigate against:

    Stolen Credentials

    No matter what countermeasures are in place, login credentials are periodically stolen or compromised. This endangers systems, data, and entire infrastructures. Behavioral biometrics can be used to ensure that the person attempting to use a system has been legitimately granted access to it.

    Password/Account Sharing

    The informal sharing of named accounts is a common security risk. Best-in-class behavioral biometrics technologies can differentiate between intended users and everyone else—even as login credentials are being entered—and block authentication accordingly.

    User Substitution

    Ad-hoc substitution of one user for another, without prior knowledge or consent, is both common and risky, particularly in outsourced environments. Behavioral biometrics algorithms can ensure that the person actually using a system is the person presumed to be using it.

    Insider Threats

    Oversights in privileged access management can give rise to internal threats—users whose access to some systems inadvertently results in access to others. Behavioral biometrics can ensure that the actual moment-by-moment use of any system is carried out only by intended users.

    Remote Access Trojans

    Whether a workstation is locally or remotely accessed, behavioral biometrics can check all use against authorized biometric profiles, immediately blocking use by unknown actors.

    USB / Rubber Ducky Attacks

    USB-based attacks commonly rely on rapid, automated data entry simulating keyboard or mouse use. Whatever the human user's understanding of or reaction to the attack, behavioral biometric tools are not fooled; they can immediately note the change in input patterns and block further input.
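The keystroke-dynamics features described earlier (keystroke duration and speed) and the USB injection case above can be illustrated together. This is an added example, not Plurilock's code or algorithm: a plain z-score stands in for the statistical models the page mentions, and the function names, thresholds, and timing data are all assumptions constructed for illustration.

```python
from statistics import mean, stdev

def session(dwells, flights):
    """Build constructed (press_ms, release_ms) pairs from dwell/flight times."""
    events, t = [], 0
    for i, d in enumerate(dwells):
        events.append((t, t + d))
        t += d + (flights[i] if i < len(flights) else 0)
    return events

def features(events):
    """Dwell = release - press; flight = next press - previous release."""
    dwells = [r - p for p, r in events]
    flights = [events[i + 1][0] - events[i][1] for i in range(len(events) - 1)]
    return dwells, flights

def build_profile(sessions):
    """Mean and standard deviation of dwell and flight over enrolment data."""
    feats = [features(s) for s in sessions]
    d = [x for sd, _ in feats for x in sd]
    f = [x for _, sf in feats for x in sf]
    return {"dwell": (mean(d), stdev(d)), "flight": (mean(f), stdev(f))}

def score(profile, events):
    """Mean absolute z-score of a session's timings against the profile."""
    d, f = features(events)
    (dm, ds), (fm, fs) = profile["dwell"], profile["flight"]
    return mean([abs(x - dm) / ds for x in d] + [abs(x - fm) / fs for x in f])

def looks_injected(events, min_flight_ms=20, min_jitter_ms=3):
    """Scripted HID input: far faster and steadier than human typing."""
    _, f = features(events)
    return mean(f) < min_flight_ms and stdev(f) < min_jitter_ms

def decide(profile, events, threshold=2.5):
    """Map a session to allow / step_up / block (thresholds are assumed)."""
    if looks_injected(events):
        return "block"
    return "step_up" if score(profile, events) > threshold else "allow"

# Constructed sample timings in milliseconds, not real captures.
PROFILE = build_profile([session([95, 110, 88, 102, 97], [140, 120, 165, 130]),
                         session([100, 92, 105, 90, 99], [150, 135, 125, 160])])
GENUINE = session([98, 104, 91, 96], [145, 128, 152])
OTHER = session([150, 162, 141, 155], [260, 240, 285])
INJECTED = session([8, 8, 8, 8, 8, 8], [5, 5, 6, 5, 5])

if __name__ == "__main__":
    for name, s in [("genuine", GENUINE), ("other", OTHER), ("injected", INJECTED)]:
        print(name, decide(PROFILE, s))
```

The three outcomes correspond to the responses the page lists: continue silently, prompt for another form of authentication, or block input.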

    Phishing Attacks

    Though behavioral biometrics can’t stop a user from clicking on malicious links or supplying sensitive data to malicious actors, it can rapidly detect intruders that use phishing data to access and act on a secured system—no matter what they attempt to do once logged in.

    Uncertain Attribution

    If attacks or breaches occur, behavioral biometrics can be used to identify internal participants in them. The biometric signature of the actions taken can be compared against known user profiles, identifying the culprit(s) using the nuances of their keyboard or mouse behavior.

    User Carelessness

    Even the most conscientious users may inadvertently leave workstations unattended or unlocked before stepping away. Behavioral biometrics can identify the arrival of a new, unauthorized user rapidly—even at an unlocked workstation—and take appropriate measures.

    License Mismanagement

    The illicit sharing of per-seat licenses is both common and a liability risk for many large organizations. Behavioral biometrics can ensure that licensing practices are sound and only named users make use of licensed products and services.

    Identity Fraud

    Financial services organizations, health care organizations, or others that provide services to end-users can rapidly profile each user's behavior and stop malicious attempts to access data or services with stolen user credentials.

    Passive, Pervasive MFA

    Passive and pervasive by design, behavioral biometrics is a completely invisible link in the authentication chain. Behavioral biometrics is transparent and frictionless; until threats arise, users don’t even know it’s there.

    High Regulatory Compliance

    Behavioral biometrics tools enable organizations to meet key portions of the increasingly stringent cybersecurity standards and regulations set forth by NIST 800-171, ISO 27001, HIPAA, FINRA, and FISMA.

    1. Online Trust Alliance: Cyber Incident & Breach Trends Report. Review and analysis of 2017 cyber incidents, trends and key issues to address. Retrieved June 12, 2018 from: https://www.otalliance.org/system/files/files/initiative/documents/ota_cyber_incident_trends_report_jan2018.pdf
    2. CyberSecurity Ventures: Cybercrime Damages $6 Trillion By 2021. Retrieved June 12, 2018 from: https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
    3. National Institute of Standards and Technology. July 2018. Digital Identity Guidelines Authentication and Lifecycle Management.
    4. Kaczmarek, T., Ozturk, E., and Tsudik, G. 2017. Assentication: User Deauthentication and Lunchtime Attack Mitigation with Seated Posture Biometric.

    PLURILOCK IS THE LEADER IN IDENTITY ASSURANCE USING BEHAVIORAL BIOMETRICS

    Plurilock delivers preventative, instantaneous, and continuous solutions for workplace authentication and regulatory compliance. Plurilock’s BioTracker software provides invisible authentication for endpoint detection and response (EDR) and behavioral biometrics-based user behavior analytics (UBA). These features enable transparent second-factor authentication and continuous identity verification for financial services and healthcare organizations.
