BehavioSec’s Behaviometric technology has been successfully integrated into the HID ActivID Authentication Server , adding another layer of security to the ActivID Threat detection service and strengthens one of the weakest links in today’s IT security solutions.
Benefits of BehavioSec Integration with ActivID Authentication Server
- Improved user-experience by using the behavioral “fingerprint” as an authentication mechanism for step-up authentication or transaction approval. The additional layer of security is added in a completely transparent manner from the user perspective. Users will not be asked to re-authenticate if the system is confident that a user is who he/she claims to be, based on behavior, device type, location and other user transparent parameters collected and analyzed by the HID Identity Assurance Fraud Detection System.
- Increased security by adding transparent behavioral analysis to each user interaction with the application or system. This makes the initial authentication more secure, but also provides protection on an on-going basis after the initial login. The lack of this capability is one of the weakest links in today’s security solutions.
- Strengthened audit capabilities by capturing deviations in user behavior. This can prove to be useful information in forensics studies around internal and external data breaches. The Behaviometric data can help assess whether a session was hijacked or if it was the authenticated user who has committed the fraud.
How It Works (Example)
Scenario 1: User Login
1. User logs into her banking application through her browser using a username and password.
2. A script is invoked through the banking application and user behavioral data points are collected.
- User does not need to install anything in the browser
- The script will automatically run without the user’s awareness
- User’s on-going keyboard pressing patterns, including speed, frequency and pressure, when interacting with computer applications and websites are used for analysis.
3. Banking application connects to ActivID authentication Server and sends password and behavioral data.
4. ActivID authentication Server passes the behavioral data to BehavioSec with a request for analysis of user behavior.
5. BehavioSec analyses the behavioral data and generates a risk score that is sent to ActivID authentication Server. ActivID authentication Server verifies the password and provides the risk score to the banking application.
6. Based on the risk score, the banking application may grant access to the user or ask the user to re-authenticate (step-up authentication) using a stronger authentication. For example, using a One Time Password (OTP) generated from a keychain token or an Out of Band (OOB) authentication using mobile phone or email.
Scenario 2: Session Monitoring:
1. The script that’s invoked in the banking application during initial login will continue to provide behavioral data to ActivID authentication Server throughout the session and ActivID authentication Server , integrated with BehavioSec, will continuously monitor the user’s activity pattern.
2. If the activity pattern deviates from the user’s regular profile, ActivID authentication Server will immediately alert the banking application of potential breach. For example, a malicious user, after successfully hijacking an authenticated user’s session will not be able to make any successful transactions.
3. By analyzing how the user works with the keyboard (e.g., typing rhythm), mouse movements (e.g., acceleration time, click frequencies) and graphical interface interaction (e.g., using programs), it is possible to recognize and confirm the identity of a person. For example, on obtaining the right password, a malicious user would not be able to successfully authenticate with the banking application.
4. The user essentially does not need to perform any additional step beyond being herself. The combined integrated solution offers a new generation of information security feature simply by using the individual as its core asset without hindering user experience.
A Complementary Solution
Identity and Access Management has traditionally been positioned as the front gate of IT Security. In order to pass the gate, a user must be able to bypass various hurdles to prove to the system “I am who I claim to be.” And yet, once your identity has been verified, the security shield almost disappears. As long as the system detects some kind of continuous activity, there are no other checks to certify you are still the same person. It would come as no surprise that need for security will continue to foster. However, as the need to higher security thresholds increase, users begin to be weighed down by the onerous process for identity verification.
What if there’s a solution that increases your security without you having to change anything?
HID Identity Assurance’s ActivID authentication Server together with BehavioSec’s Behaviometrics technology is the perfect solution pairing. BehavioSec’s Active Authentication adds another layer to the ActivID authentication Server, transparently, without replacing established security practices. This solution not only benefits the financial sector for online banking but it also increases the auditability and traceability of the enterprise solutions.
For more information on HID Global, please visit http://www.hidglobal.com/partners/behaviosec.
For more information on the integration of BehavioSec technology with ActivID authentication Server please contact us.