At Finovate this week, BioCatch, a firm specializing in capturing and analyzing cognitive biometrics, demonstrated a new trend in mobile security. This concept has been rapidly adopted and is wildly effective among major banks and e-commerce firms to stop fraud at the point of sale.
Behavioral authentication tools are capturing the behavioral footprint or cognitive DNA we all use when interacting with a device, be it a PC or a mobile application. A mobile device's gyro can capture the tilt of the user's hold, and the accelerometer captures swipes, pinches, zooms, and typing cadence. It takes only an application upgrade to start capturing subtle bio-behavior data and relaying it back to the bank to build user profiles.
If the sensors and signals show enough divergence in behavioral genetics, it can indicate an account takeover, even if all other elements -- like username, passwords, IP address, and device identification -- appear legitimate.
Malware also has DNA of its own in the scripts that are meant to go in and populate credentials in accounts and execute wire payments or whatever it is designed to do. The scripts are meant to look human, but they can look too perfect, or maybe too efficient. Even with malware scripts that have been made anonymous and developed to be polymorphic (coded to do things differently each time), there's still an underlying behavioral DNA.
[Read the full story on Wall Street & Technology]
Becca Lipman is Senior Editor for Wall Street & Technology. She writes in-depth news articles with a focus on big data and compliance in the capital markets. She regularly meets with information technology leaders and innovators and writes about cloud computing, datacenters, ... View Full Bio