Behavioral authentication provides continuous authentication security for account access and transactions by continuously monitoring and scoring, in real-time, the way users interact with their computers and mobile devices via mouse movements, keystroke, and gesture dynamics. These actions, recorded and learned over time, are mapped to the returning user to generate a risk score. When the behavior of the user, trying to log in, does not match the known user model, the security platform can initiate “stepped up” authentication. This can include requiring additional biometric authentication (i.e. face recognition or fingerprint scan), correct response to a security question, or prompting for a secure one-time password.
How does Behavioral Authentication from VASCO work?
DIGIPASS for Apps Behavioral Authentication focuses on the “How” a user types and interacts with their device as opposed to the “What” they type. It does this by constantly monitoring and analyzing keystrokes, mouse movements, finger pressure, swipe patterns and more, comparing this activity with a unique user model to score a match. A low score, reflecting significant changes in the user behavior, serves as a red flag that some security policy action may be required.
Strong security in three simple steps:
Input Data: The behavioral Authentication solution is fed a constant stream of all common user behavior data including - mouse movements, key strokes, swipe patterns and more.
Analyze Data: In a short time, the platform is able to create an accurate behavioral model of each unique user.
Score Data: On a continuous basis, DIGIPASS for Apps Behavioral Authentication compares the current behavior with the known user model to determine a “trust score.” This score is used to flag potential fraud and drive some security policy action. It can also be consumed within a Risk Management platform, like VASCO’s IDENTIKEY Risk Manager, to improve the accuracy for fraud detection.
What types of behavioral data are utilized and across what platforms?
Behavioral Authentication applications include both desktop computers for online activities and mobile devices like smartphones and tablets. The types of behavioral data analyzed on desktops includes: Press, flight, sequence and mouse movement (see above). The data analyzed on mobile devices includes the same as desktops (minus the mouse) and includes other unique data elements like: Hit zone, pressure, orientation (how the user holds the phone), etc.