4/23/2015
07:10 PM

Behavioral Biometrics On The Rise At RSA Conference

Harder to spoof and easier on users, behavioral biometrics may be bigger than passwords soon.

RSA CONFERENCE -- San Francisco -- Fingerprints and retinal scans are awfully hard to spoof, but they are static data that could be stolen, and worse yet, they force users to go through another pesky step in the authentication process. These are the problems being solved by behavioral biometrics technology -- or "passive biometrics," as it's called by Israeli start-up Biocatch, which Dark Reading profiled in July.

These new technologies may monitor mouse dynamics, navigation habits, keystroke dynamics (such as how fast you type and how hard you hit the keys), and gesture dynamics (such as swipe speed and distance) -- all things you do unconsciously that happen to be unique to you.

Two companies at the RSA Conference this week are operating in this space. Another, Toopher, was also scheduled to be in attendance, but was acquired by Salesforce in April.

NuData Security

The goal, as NuData Security marketing director Matthew Reeves explains, is to see "what can we observe, rather than request from people."

In addition to the biometrics, NuData builds profiles based on the devices a user commonly authenticates from and the locations they generally operate within, then flags anomalous behavior.

Recently NuData researchers discovered that by looking for suspicious account creation activity they could predict fraud 15 days before it would happen. Today they announced an updated dashboard to make it easier to identify these suspicious events and prevent the fraud.

BehavioSec

Sweden-based BehavioSec offers a device-agnostic solution that continuously monitors and measures mouse, keystroke, and gesture dynamics. When the behavior of the user (or machine) trying to log in does not match the user profile, the tool initiates a second factor of authentication.

BehavioSec has become popular with financial institutions across Scandinavia, including Danske Bank, authenticating tens of millions of users.

The company is also in phase two of an Active Authentication project with DARPA that would incorporate the BehavioSec mobile product with the traditional smartcard access controls used within the Department of Defense.

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior to that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ...

Comments
HAnatomi,
User Rank: Apprentice
4/24/2015 | 1:44:43 AM
Presence of a fallback password
Biometric authentication could be a candidate for displacing the password if/when (only if/when) it has stopped depending on a password to be registered in case of false rejection while keeping the near-zero false acceptance.
Sara Peters,
User Rank: Author
4/23/2015 | 9:00:42 PM
Re: Better Than Murder and Amputation
@Christian "I have to give behavioral biometrics a thumbs up - so I can keep my thumbs!" Hahahaaaa!!! Love it.

Yes, there are still things to be worked out, but the good thing is that if these tools are used in a way that requires no work from the user, they reduce friction, and then when there's an anomaly -- perhaps for the legitimate reasons you've mentioned -- they'll request a second factor of active authentication from the user. I can see why online retailers might really like it for return customers.
No SOPA,
User Rank: Ninja
4/23/2015 | 8:35:33 PM
Better Than Murder and Amputation
Because hacking biometrics involves lots of unsavory hacks such as murder, amputation or even self-mutilation, I have to give behavioral biometrics a thumbs up - so I can keep my thumbs!

The math and code behind this technology is fascinating, and what it takes to get you to a place where enough data has been collected to successfully create a behavioral "fingerprint" is also of interest, never quite being the same for each person.

As with all predictive tech, though, there are plenty of unforeseen factors that can skew the data. Schizophrenia, for instance, and other mental illnesses that could affect the data (whether in the initial reading, or after the reading when the mental illness presents, offsetting the user's behavior), or even something as simple as a hangover or depression.

Still, I think I prefer where this is going more than where the esoteric fingerprint or retinal scan tech was taking us.

 