Is 2017 the year for Behavioral Biometrics?

Feb. 2, 2017 | by BioCatch

After facing ever-evolving threats, and reluctantly acknowledging they are “not resilient” to cyber attacks, many organizations are looking to expand their cyber security arsenal. The desire to prevent financial or reputation risk will drive increased awareness of behavioral biometrics in 2017.

Bracing for Cyberattacks in 2017

Big cybersecurity breaches remain newsworthy. At the end of 2016, cybersecurity chatter was either surrounding U.S. election hacking or Yahoo’s announcement that more than 1 billion of its user accounts had been compromised (on the heels of a major hack announced in October).

Nevertheless, there is a certain air of inevitability around attacks. After all, only 25% of 600 IT pros surveyed in a Ponemon Institute survey ranked their organizations as “highly resilient.” To our surprise, the vast majority ranked their organizations at or below a six out of ten (that’s a D at best on most academic scales).

3 out of 4 organizations admit they aren’t ‘resilient’ to cyberattacks — Ponemon Institute

As threats such as social engineering, malware and account takeovers become more prominent in risk assessments, organizations of all sizes, across verticals, will increasingly turn to new innovations to amp up their security. In identifying its Ten Top Trends of Biometrics and Digital Identity, Acuity Market Intelligence last week characterized 2017 as a “breakout” year for biometrics. The firm identified the mainstreaming of behavioral biometrics as its no. 1 trend in 2017. 

87 smartphone vendors introduced 346 biometric smartphones in 2016. — Acuity Market Intelligence

The Boom of Behavioral Biometrics

Traditional modalities have proven their worth for logon authentications. Yet, today password authentication and two-factor authentication are easily circumvented.

There are many examples of well-intentioned individuals clicking on a link in an email that inadvertently installs malware or, upon receiving a password reset email, logging into a mirror site, designed to look like the company’s network, and allowing the hacker to capture his/her credentials. With cyber fraud techniques gaining sophistication, the need for a passive, continuous modality is becoming clear.

In 93% of cases, it took attackers minutes or less to compromise systems. — Verizon Data Breach Investigations Report.

New innovations focus instead on continuous authentication of identity throughout an online interaction. After all, initial authentication of users, without follow up, doesn’t make a dent in detecting or preventing cybercrime. On the other hand, behavioral biometrics, which can profile legitimate users and recognize non-human impostors such as malware and bots in order to maximize detection and lower false alarms, provides ongoing authentication without disrupting user experience.

Establishing persistent identity is key, suggested Tim Sloane in the Mercator Advisor Group’s new report on Biometrics. “Behavioral dynamics will play an increasingly important factor in establishing trust.”

Establishing persistent identity is key, suggested Tim Sloane in the Mercator Advisor Group’s new report on Biometrics. “Behavioral dynamics will play an increasingly important factor in establishing trust.”

The UK bank NatWest, for instance, announced in November its deployment of BioCatch’s platform to monitor activity and protect its more than 14 million customers from fraud. Continuously examining the way people scroll, how they type, toggle between fields and use shortcuts, behavioral biometrics can identify individual users to determine who or what is behind a session, not just what device was used to login.

It's no wonder, then, that behavioral biometrics is the third most popular biometric technology, behind finger and face, and tied with iris, in a survey of 165 professionals in biometrics and identity-related industries conducted by FindBiometrics.com.

 

Biometrics favorites

By analyzing human-device interactions, BioCatch’s platform focuses on preventing fraud, by authenticating legitimate users and recognizing non-human activity, while providing online and mobile users with a frictionless experience.

 

Sources

Acuity Market Intelligence. (2017, January 26). Acuity Market Intelligence Releases "Ten Top Trends for Biometrics and Digital Identity" for 2017. http://www.prnewswire.com/news-releases/acuity-market-intelligence-releases-ten-top-trends-for-biometrics-and-digital-identity-for-2017-300397648.html

Acuity Market Intelligence. (2017, January 5). Biometric Smartphone Market Explodes in 2016; 100+% Growth with 346 Models from 87 Vendors. http://www.prnewswire.com/news-releases/biometric-smartphone-market-explodes-in-2016-100-growth-with-346-models-from-87-vendors-300386541.html

Findbiometrics. (2017, January 9). Year in Review 2016: The Dedicated Roundup. http://findbiometrics.com/yir-2016-dedicated-roundup-401169/

Hackett, R. (2015, September 18). 3 out of 4 organizations admit they aren’t ‘resilient’ to cyberattacks. http://fortune.com/2015/09/18/schneier-cyber-resilience/

Sloane, T. (2017, January 13). Biometrics: A New Wrinkle Changes the Authentication Landscape. https://www.mercatoradvisorygroup.com/Reports/Biometrics--A-New-Wrinkle-Changes-the-Authentication-Landscape/

Verizon. (2016). Data Breach Investigations Report [Executive Summary]. http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/

Topics: Cybersecurity