
4/23/2015
07:10 PM

Behavioral Biometrics On The Rise At RSA Conference

Harder to spoof and easier on users, behavioral biometrics may be bigger than passwords soon.

RSA CONFERENCE -- San Francisco -- Fingerprints and retinal scans are awfully hard to spoof, but they are static data that could be stolen, and worse yet, they force users to go through another pesky step in the authentication process. These are the problems being solved by behavioral biometrics technology -- or "passive biometrics," as it's called by Israeli start-up Biocatch, which Dark Reading profiled in July.

These new technologies may monitor mouse dynamics, navigation habits, keystroke dynamics (such as how fast you type and how hard you hit the keys), and gesture dynamics (such as swipe speed and distance) -- all things you do unconsciously and that happen to be unique to you.

Two companies at the RSA Conference this week are operating in this space. Another, Toopher, was also scheduled to be in attendance, but was acquired by Salesforce in April.

NuData Security

The goal, as NuData Security marketing director Matthew Reeves explains, is to see "what can we observe, rather than request from people."

In addition to the biometrics, NuData builds profiles based on which devices a user commonly authenticates from and which locations they generally operate within, then flags anomalous behavior.

Recently NuData researchers discovered that by looking for suspicious account creation activity they could predict fraud 15 days before it would happen. Today they announced an updated dashboard to make it easier to identify these suspicious events and prevent the fraud.

BehavioSec

Sweden-based BehavioSec offers a device-agnostic solution that continuously monitors and measures mouse, keystroke, and gesture dynamics. When the behavior of the user (or machine) trying to log in does not match the user profile, the tool initiates a second factor of authentication.

BehavioSec has become popular with financial institutions across Scandinavia, including Danske Bank, authenticating tens of millions of users.

The company is also in phase two of an Active Authentication project with DARPA, which would incorporate the BehavioSec mobile product with the traditional smartcard access controls used within the Department of Defense.
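The match-or-step-up flow described above can be sketched with keystroke timing alone. This is an added example, not code from the article or from either vendor; the feature set (dwell and flight times), the z-score comparison, the thresholds and the sample timings are all assumptions chosen for illustration.

```python
from statistics import mean, stdev

MIN_ENROLL = 5    # assumed: sessions needed before a profile is trusted
THRESHOLD = 2.5   # assumed: mean |z-score| above which behaviour is a mismatch
MIN_STD = 5.0     # assumed: ms floor so a very steady typist does not inflate z-scores

def features(events):
    """events: [(key, down_ms, up_ms), ...] for one typed phrase.
    Returns dwell times (key held) followed by flight times (gap to next key)."""
    dwell = [up - down for _, down, up in events]
    flight = [events[i + 1][1] - events[i][2] for i in range(len(events) - 1)]
    return dwell + flight

def enroll(sessions):
    """Per-feature (mean, std) profile; None until enough sessions are seen."""
    if len(sessions) < MIN_ENROLL:
        return None
    columns = zip(*(features(s) for s in sessions))
    return [(mean(c), max(stdev(c), MIN_STD)) for c in columns]

def score(profile, events):
    """Mean absolute z-score of this attempt against the enrolled profile."""
    return mean(abs(x - m) / s for x, (m, s) in zip(features(events), profile))

def decide(profile, events):
    """'allow' on a match; 'step_up' (ask for a second factor) otherwise."""
    if profile is None or len(features(events)) != len(profile):
        return "step_up"  # no usable profile or a different phrase: use the active check
    return "allow" if score(profile, events) <= THRESHOLD else "step_up"

def typed(dwells, flights, keys="abcd"):
    """Constructed sample data: build key events from dwell/flight times in ms."""
    t, out = 0, []
    for i, k in enumerate(keys):
        out.append((k, t, t + dwells[i]))
        t += dwells[i] + (flights[i] if i < len(flights) else 0)
    return out

OWNER_SESSIONS = [  # constructed enrollment sessions for one user
    typed([90, 100, 95, 105], [120, 130, 110]),
    typed([95, 98, 92, 110], [125, 128, 115]),
    typed([88, 104, 97, 102], [118, 135, 108]),
    typed([92, 101, 99, 107], [122, 127, 112]),
    typed([91, 97, 94, 103], [119, 132, 109]),
]
PROFILE = enroll(OWNER_SESSIONS)
```

With too few enrollment sessions the profile is `None` and every attempt is sent to the second factor, so the passive check never becomes the only gate before it has enough data.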

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior to that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ...

Comments
HAnatomi,
User Rank: Apprentice
4/24/2015 | 1:44:43 AM
Presence of a fallback password
Biometric authentication could be a candidate for displacing the password if/when (only if/when) it has stopped depending on a password to be registered in case of false rejection while keeping the near-zero false acceptance.
Sara Peters,
User Rank: Author
4/23/2015 | 9:00:42 PM
Re: Better Than Murder and Amputation
@Christian "I have to give behavioral biometrics a thumbs up - so I can keep my thumbs!" Hahahaaaa!!! Love it.

Yes, there are still things to be worked out, but the good thing is that if these tools are used in a way that requires no work from the user, they reduce friction, and then when there's an anomaly -- perhaps for the legitimate reasons you've mentioned -- they'll request a second factor of active authentication from the user. I can see why online retailers might really like it for return customers.
RetiredUser,
User Rank: Ninja
4/23/2015 | 8:35:33 PM
Better Than Murder and Amputation
Because hacking biometrics involves lots of unsavory hacks such as murder, amputation or even self-mutilation, I have to give behavioral biometrics a thumbs up - so I can keep my thumbs!

The math and code behind this technology is fascinating, and what it takes to get you to a place where enough data has been collected to successfully create a behavioral "fingerprint" is also of interest, never quite being the same for each person.

As with all predictive tech, though, there are plenty of unforeseen factors that can skew the data. Schizophrenia, for instance, and other mental illnesses that could affect the data (whether in the initial reading, or after the reading when the mental illness presents, offsetting the user's behavior), or even something as simple as a hangover or depression.

Still, I think I prefer where this is going more than where the esoteric fingerprint or retinal scan tech was taking us.   

 