Operations //

Identity & Access Management

4/23/2015
07:10 PM
Connect Directly
Twitter
RSS
E-Mail
100%
0%

Behavioral Biometrics On The Rise At RSA Conference

Harder to spoof and easier on users, behavioral biometrics may be bigger than passwords soon.

RSA CONFERENCE -- San Francisco -- Fingerprints and retinal scans are awfully hard to spoof, but they are static data that could be stolen, and worse yet, they force users to go through another pesky step in the authentication process. These are the problems being solved by behavioral biometrics technology -- or "passive biometrics," as it's called by Israeli start-up Biocatch, which Dark Reading profiled in July.

These new technologies may monitor mouse dynamics, navigation habits, and keystroke dynamics, like the speed you type and the pressure you hit the keys with, gesture dynamics like swipe speed and distance -- all things you do unconsciously which happen to be very unique to you.

Two companies at the RSA conference this week are operating in this space. Another, Toopher, was also scheduled to be in attendance, but was acquired by SalesForce in April.

NuData Security

The goal, as NuData Security marketing director Matthew Reeves explains, is to see "what can we observe, rather than request from people."

In addition to the biometrics, NuData builds profiles based upon what devices a user commonly authenticates from, or what locations they generally operate within; then flags anomalous behavior. 

Recently NuData researchers discovered that by looking for suspicious account creation activity they could predict fraud 15 days before it would happen. Today they announced an updated dashboard to make it easier to identify these suspicious events and prevent the fraud.

BehavioSec

Sweden-based Behaviosec is a device-agnostic solution that continuously monitors and measures mouse, keystroke, and gesture dynamics. When the behavior of the user (or machine) trying to log in does not match the user profile, the tool initiates a second factor of authentication.

BehavioSec has become popular with financial institutions across Scandinavia, including Danske Banke, authenticating tens of millions of users. 

The company is also in phase two of an Active Authentication project with DARPA, that would incorporate the Behaviosec mobile product with the traditional smartcard access controls used within the Department of Defense.

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
HAnatomi
50%
50%
HAnatomi,
User Rank: Apprentice
4/24/2015 | 1:44:43 AM
Presence of a fallback password
Biometric authentication could be a candidate for displacing the password if/when (only if/when) it has stopped depending on a password to be registered in case of false rejection while keepting the near-zero false acceptance.
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
4/23/2015 | 9:00:42 PM
Re: Better Than Murder and Amputation
@Christian  "I have to give behavioral biometrics a thums up - so I can keep my thumbs!" Hahahaaaa!!! Love it.

Yes, there are still things to be worked out, but the good thing is that if these tools are used in a way that reuires no work from the user, they reduce friction, and then when there's an anomaly -- perhaps for the legitimate reasons you've mentioned -- they'll request a second factor of active authentication from the user. I can see why online retailers might really like it for return customers. 
Christian Bryant
100%
0%
Christian Bryant,
User Rank: Ninja
4/23/2015 | 8:35:33 PM
Better Than Murder and Amputation
Because hacking biometrics involves lots of unsavory hacks such as murder, amputation or even self-mutilation, I have to give behavioral biometrics a thums up - so I can keep my thumbs!

The math and code behind this technology is fascinating, and what it takes to get you to a place where enough data has been collected to successfully create a behavioral "fingerprint" is also of interest, never quite being the same for each person.

As with all predictive tech, though, there are plenty of unforseen factors that can skew the data.  Schizophrenia, for instance, and other mental illnesses that could affect the data (whether in the initial reading, or after the reading when the mental illness presents, offsetting the user's behavior), or even something as simple as a hangover or depression.

Still, I think I prefer where this is going more than where the esoteric fingerprint or retinal scan tech was taking us.   

 
121 Pieces of Malware Flagged on NSA Employee's Home Computer
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/16/2017
Mobile Malware Incidents Hit 100% of Businesses
Dawn Kawamoto, Associate Editor, Dark Reading,  11/17/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.