- Protecting Sign-In and Transactions
- Web Fraud Detection
- Adaptive Authentication
- Forensic Capabilities
There is no silver bullet to solve authentication or user verification on the Internet. Security architects must apply numerous solutions in parallel to thwart attackers.
Behaviometric solutions bring a new security dimension by verifying the identity of, not only the token, but also the person that is using the token.
In order to achieve secure transactions BehavioSec introduces BehavioWeb the continuous verification of end-users for Online and Mobile services.
A new factor for Risk Management
BehavioSec is the innovator in Continuous Verification of end users through Behaviometrics (behavioral biometrics). In an online environment it is called BehavioWeb and is a solution to monitor and analyze behaviour based on the interactions with a ‘connected device’ to create complete trustworthy communications.
Does your service know who is using it?
Using BehavioWeb will allow all transactions to be secured with the sender’s behavioural pattern included. Where existing token based products (such as PKI and OTP) provides verification from the token, it does not verify that it is, in fact, the intended user that is initiating and verifying a transaction.
How does it work?
Each person has their unique behaviour when interacting with a web page through a computer’s and/or Smart Phone keyboard & user interface. Without affecting the normal workflow, BehavioWeb continuously verifies the active user to make sure that it is the same user during the whole session by monitoring their Behaviometrics. BehavioWeb collects behavioural statistics of your usual usage patterns and sends a similarity ratio together with the transaction. The issuer receives more data from the BehavioWeb solution to determine whether the session behaviour fits the active profile therefore adding a new factor for risk mitigation.
Installing BehavioWeb is easy and will allow it to learn the users’ Behaviometrics. Within a short time Behavio is accustomed to the user and will present the similarity (or risk value) to the service provider. This information can be used with existing solutions for individual risk assasment and signal for anomalies in user behaviour for further investigation.
- Transparent: Without a user agent installation, modifying normal work flow or requiring specific training our solution collects behavioural statistics of regular usage patterns.
- Scalable: The solution is easily integrated into existing web infrastructure by utilizing open standards on Enterprise Java Beans that can be served by Tomcat, Glassfish or equivalent platforms.
- Tracing functionality: The aim is also to compare the collected behavioural profiles against a known user base to match against for example known fraudulent users or specific demographic