Operations // Identity & Access Management
4/23/2015
07:10 PM
Connect Directly
Twitter
RSS
E-Mail
100%
0%

Behavioral Biometrics On The Rise At RSA Conference

Harder to spoof and easier on users, behavioral biometrics may be bigger than passwords soon.

RSA CONFERENCE -- San Francisco -- Fingerprints and retinal scans are awfully hard to spoof, but they are static data that could be stolen, and worse yet, they force users to go through another pesky step in the authentication process. These are the problems being solved by behavioral biometrics technology -- or "passive biometrics," as it's called by Israeli start-up Biocatch, which Dark Reading profiled in July.

These new technologies may monitor mouse dynamics, navigation habits, and keystroke dynamics, like the speed you type and the pressure you hit the keys with, gesture dynamics like swipe speed and distance -- all things you do unconsciously which happen to be very unique to you.

Two companies at the RSA conference this week are operating in this space. Another, Toopher, was also scheduled to be in attendance, but was acquired by SalesForce in April.

NuData Security

The goal, as NuData Security marketing director Matthew Reeves explains, is to see "what can we observe, rather than request from people."

In addition to the biometrics, NuData builds profiles based upon what devices a user commonly authenticates from, or what locations they generally operate within; then flags anomalous behavior. 

Recently NuData researchers discovered that by looking for suspicious account creation activity they could predict fraud 15 days before it would happen. Today they announced an updated dashboard to make it easier to identify these suspicious events and prevent the fraud.

BehavioSec

Sweden-based Behaviosec is a device-agnostic solution that continuously monitors and measures mouse, keystroke, and gesture dynamics. When the behavior of the user (or machine) trying to log in does not match the user profile, the tool initiates a second factor of authentication.

BehavioSec has become popular with financial institutions across Scandinavia, including Danske Banke, authenticating tens of millions of users. 

The company is also in phase two of an Active Authentication project with DARPA, that would incorporate the Behaviosec mobile product with the traditional smartcard access controls used within the Department of Defense.

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
HAnatomi
50%
50%
HAnatomi,
User Rank: Apprentice
4/24/2015 | 1:44:43 AM
Presence of a fallback password
Biometric authentication could be a candidate for displacing the password if/when (only if/when) it has stopped depending on a password to be registered in case of false rejection while keepting the near-zero false acceptance.
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
4/23/2015 | 9:00:42 PM
Re: Better Than Murder and Amputation
@Christian  "I have to give behavioral biometrics a thums up - so I can keep my thumbs!" Hahahaaaa!!! Love it.

Yes, there are still things to be worked out, but the good thing is that if these tools are used in a way that reuires no work from the user, they reduce friction, and then when there's an anomaly -- perhaps for the legitimate reasons you've mentioned -- they'll request a second factor of active authentication from the user. I can see why online retailers might really like it for return customers. 
Christian Bryant
100%
0%
Christian Bryant,
User Rank: Ninja
4/23/2015 | 8:35:33 PM
Better Than Murder and Amputation
Because hacking biometrics involves lots of unsavory hacks such as murder, amputation or even self-mutilation, I have to give behavioral biometrics a thums up - so I can keep my thumbs!

The math and code behind this technology is fascinating, and what it takes to get you to a place where enough data has been collected to successfully create a behavioral "fingerprint" is also of interest, never quite being the same for each person.

As with all predictive tech, though, there are plenty of unforseen factors that can skew the data.  Schizophrenia, for instance, and other mental illnesses that could affect the data (whether in the initial reading, or after the reading when the mental illness presents, offsetting the user's behavior), or even something as simple as a hangover or depression.

Still, I think I prefer where this is going more than where the esoteric fingerprint or retinal scan tech was taking us.   

 
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Five Things Every Business Executive Should Know About Cybersecurity
Don't get lost in security's technical minutiae - a clearer picture of what's at stake can help align business imperatives with technology execution.
Flash Poll
Dark Reading Strategic Security Report: The Impact of Enterprise Data Breaches
Dark Reading Strategic Security Report: The Impact of Enterprise Data Breaches
Social engineering, ransomware, and other sophisticated exploits are leading to new IT security compromises every day. Dark Reading's 2016 Strategic Security Survey polled 300 IT and security professionals to get information on breach incidents, the fallout they caused, and how recent events are shaping preparations for inevitable attacks in the coming year. Download this report to get a look at data from the survey and to find out what a breach might mean for your organization.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Security researchers are finding that there's a growing market for the vulnerabilities they discover and persistent conundrum as to the right way to disclose them. Dark Reading editors will speak to experts -- Veracode CTO and co-founder Chris Wysopal and HackerOne co-founder and CTO Alex Rice -- about bug bounties and the expanding market for zero-day security vulnerabilities.