BehavioSec – ‘The Behavioural Fingerprint for Continuous Authentication’
Andy Ramgobin
CEO & Co Founder at CodeZero / CEO & Co Founder at NYX VX - Epic MegaGrant Recipient / CEO & Founder at Momentum Enterprise Solutions (24k+)
With technology rapidly accelerating, cyber criminals and hackers continue to adapt and find new and innovative ways to circumvent security defences. Identity Access Management (IAM) and Multi-Factor Authentication (MFA) are two typical methods that enterprises and mid-markets use to authenticate a user onto business-critical systems as well as the typical application stack.
Cyber security hacking has intensified to such a point that it is beginning to reduce the effectiveness of typical approaches to IAM. IAM is no longer simply about compliance or IT automation: attacks can be prevented or mitigated with the correct application of IAM, carefully considered with the correct tools (such as Provisioning, Governance, Multi-Factor Authentication, Privileged Account Management, and others). IAM is only one piece of the puzzle; a layered approach across all areas of IT is the most prudent strategy and allows businesses to be confident in their security posture. There are typically three main issues with IAM: weak passwords, weak authentication protocols and provisioning/deprovisioning.
MFA remains one of the best approaches to secure online access to resources. However, as with IAM, the security of online assets may be at risk if default configurations or weak configuration options are implemented.
Different ways to bypass MFA may emerge over time, and various techniques may be used in such attacks. Whilst there are a number of key players in this area (RSA, Duo Security, Gemalto), MFA also suffers from issues, which can often be down to how the solution is set up by organisations and its ongoing management. Two points are worth checking. First, ensure that the option to enroll the next time a user attempts to log on isn't available to connecting users. If it is available, attackers with a valid password can complete the enrollment on a user's behalf using the phone number of their choice before the legitimate user ever accesses the system. Second, ensure that the voice call or text clearly explains that the purpose of the call is to authorise a pending login request.
Educating users is probably the biggest issue that businesses face; cyber-attacks now seemingly target users in order to infiltrate enterprises and exfiltrate sensitive information. Sophisticated new approaches see hackers monitoring staff's social media accounts to create innovative phishing attacks. What means do these hackers have to secure user login credentials? How do you know when a user is who they say they are when they authenticate? Could continuous user authentication be the answer to help bolster defences? Will users accept additional layers of authentication that they deem to take too long and hinder their ability to do their jobs?
BehavioSec transforms behaviour into a transparent layer of security by monitoring in real time the way users interact with their devices. BehavioSec's technology recognises whether the correct user is operating a device by monitoring the environment, rhythms, and interaction patterns that are unique to each user. To prove that it is the correct person using the credentials or token, a factor from the Inherence category (something you are) must be used. These biometric factors allow enterprises to confirm that it is the correct user entering the credentials. Traditional biometric factors, including fingerprints and facial recognition, allow enterprises and Retail Banks to confirm that the person using the credentials is the right person, but they require additional hardware and the storage of personally identifiable biometric data (which adds another whole layer of complexity), and they only validate the identity of the user at the moment of logging into the system.
Any additional verification disrupts the journey and the user experience and, let's be honest, users can be quite difficult at the best of times. BehavioSec software allows businesses to add transparent biometrics for multi-layered security simply by recognising the interactions of a user while typing, swiping or moving the mouse. The software monitors usage with precision and detail by establishing a digital behavioural fingerprint; with continuous verification, it's as if a user's finger is always present on the reader. BehavioSec's award-winning technology recognises unique user behaviour and creates a profile that cannot be replicated, with no impact on usability and features, and with the flexibility to adapt to variations in the user's behaviour. This frictionless, transparent, constant and accurate verification does not rely on additional hardware and allows users to access systems from any device, including smartphones and tablets. BehavioSec's software solution has been particularly strong in Retail Banking, where it covers fraud prevention, protecting sign-ins and transactions, adaptive authentication and forensic capabilities.
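To make the difference between login-time and continuous verification concrete, here is an added example (not BehavioSec's algorithm and not part of the original article) that scores typing rhythm in consecutive windows and flags the point where the typist changes mid-session. The dwell/flight features, the z-score distance, the window size of 5 keys and the threshold of 2.0 are assumptions chosen for illustration, and all timings are constructed.

```python
from statistics import mean, stdev

def typed(dwells, flights):
    """Constructed sample input: build (press_ms, release_ms) key events."""
    events, t = [], 0
    for d, f in zip(dwells, flights):
        events.append((t, t + d))
        t += d + f
    return events

def features(events):
    """Dwell = key hold time; flight = gap between release and next press."""
    dwell = [r - p for p, r in events]
    flight = [events[i + 1][0] - events[i][1] for i in range(len(events) - 1)]
    return dwell, flight

def enroll(events):
    """Profile = (mean, standard deviation) of each timing feature."""
    dwell, flight = features(events)
    return {"dwell": (mean(dwell), stdev(dwell)),
            "flight": (mean(flight), stdev(flight))}

def window_score(profile, events):
    """Mean absolute z-score of one window; higher = less like the profile."""
    dwell, flight = features(events)
    zs = [abs(x - profile["dwell"][0]) / profile["dwell"][1] for x in dwell]
    zs += [abs(x - profile["flight"][0]) / profile["flight"][1] for x in flight]
    return mean(zs)

def monitor(profile, events, window=5, threshold=2.0):
    """Score consecutive windows; return the first one over threshold, else None."""
    for start in range(0, len(events) - window + 1, window):
        if window_score(profile, events[start:start + window]) > threshold:
            return start // window
    return None

# Constructed timings in milliseconds (not real measurements).
OWNER_D = [98, 101, 96, 104, 99, 102, 97, 100, 103, 99]
OWNER_F = [132, 137, 128, 141, 133, 129, 136, 139, 131, 134]
OTHER_D = [60, 65, 58, 62, 61, 63, 59, 64, 60, 62]
OTHER_F = [250, 240, 260, 245, 255, 248, 252, 243, 258, 247]
PROFILE = enroll(typed([95, 100, 105, 98, 102, 97, 103, 100],
                       [130, 140, 125, 135, 145, 128, 138, 0]))
OWNER_ONLY = typed(OWNER_D, OWNER_F)
TAKEOVER = typed(OWNER_D + OTHER_D, OWNER_F + OTHER_F)  # typist changes at key 10

if __name__ == "__main__":
    print("first rejected window:", monitor(PROFILE, TAKEOVER))
```

The first window of the takeover session scores well under the threshold, so a check made only at login would accept it; the change of typist is caught only because later windows keep being scored.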
If, like me, you have worked for companies that have been set up for remote access or virtual desktops, you'll be well versed with Citrix (or VMware's Horizon) and having to provide your usual login credentials and then a further level, usually in the form of a hard or soft security token. I was fortunate enough to spend time working for two Citrix Platinum Resellers, so I frequently encountered customers building and deploying Virtual Desktop Infrastructure and using various methods to secure the authentication piece. Scarily, there were both customers and businesses I had worked for that didn't bother with authentication past a user's login credentials. When a business lacks strong verification methods, off-site workers usually receive limited access to company data, forcing some to bypass security protocol and keep data on portable drives. Today's enterprises are looking for non-intrusive ways to strengthen authentication and keep the user's experience seamless; after all, that's the end goal.
A particular enterprise had this very problem. BehavioSec's BBaaS (Behavioural Biometrics as a Service) was implemented on the company's web application, protecting internal free-text communication, data storage, and email accounts. The company is able to adjust its data-access policies to best fit its employees' work-days (without negative impact on security) because BBaaS provides more than 98% accuracy continuously authenticating digital identities. The scalability of the BBaaS solution also allows the company to improve its security globally across all its employees without burdening off-site workers with interruptions to their workflow to respond to security tokens.
There are so many use cases for BehavioSec, and with its integration into ForgeRock, a leading IAM technology platform, it's definitely worth investigating. Keep your eyes peeled, as I'll be writing a whitepaper focussing on BehavioSec and IAM/MFA in collaboration with Razorthorn, a leading UK cyber and infosec consultancy.
I Help You Hire Experienced Sales Professionals Who Don’t Apply For Your Jobs
5 years ago: Great article Andy, thanks for taking the time to write it!
Data | ML | Intelligence | Integration
5 years ago: Some really innovative ideas being thrown around Andy - I'd expect nothing less mind you!
#StandWithUkraine | Multiple Times Best-selling Author. Keynote Speaker. Top 50 Global Thought Leader & Influencer on Cybersecurity, Marketing, Startups, EdTech by Thinkers360. Founder & CEO, dacybersecurity.com
5 years ago: Very interesting concept! Thanks for sharing Andrew Ramgobin! How about device binding/fingerprinting with an additional layer of 2FA?
Sales Leader
5 years ago: Interesting read mate! BehavioSec look like they have a cool proposition.