Mobile

10/24/2017
01:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Samsung SDS America Adds BioCatch Behavioral Biometrics to Nexsign Platform to Enable Secure, Frictionless Mobile Experiences

Groundbreaking Fintech Partnership Addresses Market Demand For Continuous, Strong Identity Assurance Within Mobile Banking and Payment Applications

NEW YORK, NY (October 23, 2017) – BioCatch, the global leader in behavioral biometrics, announced today that it has teamed up with Samsung SDS, a global software solutions and IT services company, to integrate behavioral biometrics into its solution, creating an innovative, more powerful layer of fraud protection that works beyond the initial login process. The strategic partnership was made public during this year’s Money 20/20 conference in Las Vegas, NV.

BioCatch’s unique technology will be integrated into and complement Nexsign, Samsung SDS’s FIDO-certified, enterprise-grade biometric authentication software. The integration will fill the major security loopholes exposed when seamless interfaces of today’s most popular mobile applications don’t require a user to login multiple times to validate their identity.  BioCatch will use risk-based authentication to continuously monitor Samsung SDS’ users by mapping their behavioral patterns after log-in, to better distinguish between an authorized user, and that of an unauthorized user or an automated BOT or malware.

“Innovations in fintech have given ease to day-to-day tasks such as, banking, transactions, withdrawals and money transfers. Today’s leading brands have made managing finances a social and adoptable experience matching today’s digitally savvy consumers,” said Eyal Goldwerger, Chief Executive Officer at BioCatch. “However, given how sophisticated fraudsters are today, the consumer-grade authentication protocols that exist leave open the real possibility of account takeovers. In fact, all the fraud that BioCatch finds today, comes from within authenticated sessions, prompted by malware, social engineering and other sophisticated attacks that circumvent the login method entirely. As a result, security continues to be a major factor holding back the full potential of mobile banking and payments, especially when taking into consideration the equally important demand for a seamless user experience. Through Nexsign and our partnership, Samsung has created the platform that resolves this constant battle.”

Adding BioCatch behavioral biometrics complements the FIDO framework. The technology validates users by who they are via their interactions with an online application, rather than by what they know (e.g., passwords or security questions). At its core, the system analyzes more than 500 different behavioral parameters during a session to determine whether the user is in fact the genuine user and not a human imposter, malware or a bot. Now, once a user logs onto a mobile app, the system will be able to recognize if the session has been hijacked, and will require a step-up authentication, or an additional biometric test in order to complete the transaction. This could require the user to present one or more biometric modalities, such as fingerprint coupled with face or voice, depending on the transaction amount.

“The vision of Nexsign is to make passwords obsolete and give users a way to authenticate themselves safely and securely with biometrics. While physical biometrics provide an excellent way to do this at login, and other points within the app through step-up authentication, behavioral biometrics is the perfect complement to provide continuous authentication inside a session.  The BioCatch technology relies on a broad array of parameters, and is able to detect both human and non-human imposters inside a session that would otherwise be impossible to identify with traditional means. We are excited for this partnership and the combined offering that we can deliver to our customers,” said Richard Lobovsky, VP of Enterprise Solutions at Samsung SDS America.

Companies are relying on ineffective passwords or two-factor authentication by phone call, or text push notification to better validate users and are still being hacked.  The average fraudulent transaction is currently priced at around $130 for mobile transactions and $115 for tablets. Additionally, 55 percent of consumers use the same passwords for online banking, emails and social media accounts making it easier for fraudsters to guess the user’s credentials, bypassing authentication steps and other login defenses. This strategic partnership between two industry leaders will seek to minimize that impact.

 

About BioCatch

BioCatch is a cybersecurity company that delivers behavioral biometrics analyzing human-device interactions to protect users and data. Banks and other enterprises use BioCatch to significantly reduce online fraud and protect against a variety of cyber threats, without compromising the user experience. With an unparalleled patent portfolio and deployments at major banks around the world that cover tens of millions of users to date, BioCatch has established itself as the industry leader. For more information, please visit www.biocatch.com.

 

About Samsung SDS America

Samsung SDS America (SDSA) is the U.S. subsidiary of Samsung SDS, a global IT solutions company. SDSA provides purpose-built technology solutions in the areas of enterprise mobility, security, advanced analytics, mobile sales productivity, and training. We enable our customers in the public sector, finance, retail, and other industries to achieve greater freedom, more operational efficiency, and smarter decision making as the driving force for their competitive advantage. SDSA is headquartered in Ridgefield Park, NJ, with offices in Herndon, VA, and San Jose, CA. For more information on Samsung SDS Nexsign, please email [email protected]

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Mozilla, Internet Society and Others Pressure Retailers to Demand Secure IoT Products
Curtis Franklin Jr., Senior Editor at Dark Reading,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8903
PUBLISHED: 2019-02-18
index.js in Total.js Platform before 3.2.3 allows path traversal.
CVE-2019-6453
PUBLISHED: 2019-02-18
mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable).
CVE-2019-8372
PUBLISHED: 2019-02-18
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an associated symbolic link an...
CVE-2019-8902
PUBLISHED: 2019-02-18
An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF vulnerability can delete users' articles via the public/api.php?app=user URI.
CVE-2019-8423
PUBLISHED: 2019-02-18
ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.