• BIOMETRIC UPDATE - BehavioSec updates behavioral biometrics platform for hosted, cloud deployments ... Learn More >>

  • MOBILE ID WORLD - Newly Granted BehavioSec Patents Detail Mobile-based Behavioral Biometrics, Social Engineering Detection ... Read It >>

  • PLANET BIOMETRICS - BehavioSec updates behavioural platform ... New! >>

Learn More »

Get started with Free MFA in minutes with 5 simple steps and experience the power of behavioral biometrics

  • Anton Klippmark
  • Blog
  • Share

We at BehavioSec recently made behavioral biometrics more accessible by introducing four new editions – all powered by our state of the art behavioral biometrics platform. These new editions include two API-based SaaS MFA services, Free MFA and Workforce MFA, that makes it possible for organizations of all sizes to consume seamless security previously only available to the most sophisticated enterprises.

To illustrate how easy behavioral biometrics now is, we have created a simple docker demo to get you started in minutes. If you don’t have docker installed, you can get docker for free here:  https://docs.docker.com/get-docker/

Step 1:

Sign up for a Free MFA account.

Getting started with BehavioSec is free and easy. By signing up on our website you are assigned our Free MFA edition, allowing you to protect up to 1,000 users free of charge. If that is not enough, or if you need other features, like mobile support, you can quickly upgrade to Workforce MFA with a few clicks.

Step 2:

Create your own API credentials in our dashboard.

Our Rest API calls are secured with a key pair, API key and API secret. Key pairs are individually generated for each active BehavioSec account. You can get them from the Account page.

Remember to save your API Secret, if you fail to save it, you’ll have to reset your credentials to get a new one.

Step 3:

To run the app, use the following command in PowerShell or your tool of choice and replace YOUR-BEHAVIOCLOUD-API-KEY and YOUR-BEHAVIOCLOUD-API-SECRET with the API credentials you created in Step 3.

docker run –rm –name behaviocloud-demo -it -p 9999:9999 -e BEHAVIOCLOUD_APIKEY=YOUR-BEHAVIOCLOUD-API-KEY -e BEHAVIOCLOUD_APISECRET=YOUR-BEHAVIOCLOUD-API-SECRET behaviocloud/demo

If you have any issues, you can visit our bitbucket to find more guidance on how to use our demo app.

Step 4:

Now that you have our demo running in your docker container, you can visit http://localhost:9999/ to find the demo interface.

You can now either use our pre-defined users or create your own by following the instructions to declare custom users in our bitbucket guide.

The pre-defined users are:

User 1:

User 2:

As you use our demo app, BehavioSec analyzes how you do so with behavioral biometrics. Behavioral biometrics is the measurement of the people’s behavioral characteristics. In BehavioSec, these characteristics include activities like keystroke dynamics, mouse movements, mobile device motion, and swiping.

Using machine learning techniques, BehavioSec silently analyzes how each user behaves when interacting with an app, in this case our demo app, and develops a Profile for each user. Each time a user logs in, BehavioSec uses their individual Profile to compare against the current behavior and therefore confirm that the user is who they claim to be, independent of other authentication factors such as knowledge questions and possession elements, like tokens.

Step 5:

Once you’ve signed in a few times, you can visit the dashboard and see your sessions.

Every session is evaluated for a multitude of risk factors, so you know which sessions to let in and which that require more attention. Once you’ve run the demo a few times, our machine learning engine will have created a strong behavioral profile just for you – that is when we consider your profile “Trained”.


That’s it – you can now try it with your own applications by following the simple steps in our dev docs.

Once integrated with your apps, you can deliver the BehavioSec Risk score and other detailed metrics to any decisioning, risk or IAM platform in real-time through REST API. You can find more info about all of our API calls in our dev docs. Once deployed, our Risk score is designed to work as your primary MFA, verifying users seamlessly with their own behavior instead of tokens or SMS passcodes.

To learn more about our new editions, visit our features comparison and see which package best meets your needs.