The remote work trends have been accelerated by six to 10 years due to the COVID-19 pandemic. This way of working has stretched the current connectivity infrastructure, so hackers and fraudsters have found new ways to exploit security vulnerabilities. Every home or public connection which may not have been secured as needed for its current use is a potential target.
In this environment, we need additional safety mechanisms to ensure the right person is accessing the right network and information. Two factor authentication (2FA) or multifactor authentication (MFA) solutions are being deployed to satisfy this need.
Authentication workflows tend to add security in a system at the expense of convenience. Depending on the use case at hand, some companies have been able to lean towards convenience: optimizing for user experience over security. Unfortunately, we cannot afford to continue optimizing for user experience over security when most of the transactions in an individuals’ life are happening digitally. There is just too much at stake.
It has been easier for companies to enforce 2FA and MFA policies on their employees than for consumer companies to enforce these policies on their end users. If you need to access a certain work digital tool and the company you work for mandates 2FA, you will have to hump through those hoops. This is not the case with consumer applications and digital tools. There is a risk for the consumer app developer that as they add more friction in the name of security, the higher the drop in user conversion rates and hence, the higher the business losses.
Is there a way to break this trade-off between security and convenience? It turns out there is!
Biometric technology enables us to uniquely verify and authenticate a person’s identity based on one or more characteristics deemed unique to a particular individual, such as their face or physical fingerprint, which can help reduce the friction users endure every time they go through an authentication process to complete a transaction. That said, these “traditional” biometric factors have not worked so well during the last year when many of us have been using masks and gloves.
This is where behavioral biometrics come in. Each one of us is unique not only due to our unique physical features like our face or fingerprint, but we are also unique in the way we behave. Each one of us has different habits and routines, and we all move and walk differently.
Our unique behaviors and habits can be recognized by the sensor readings from our smartphone. Then, we can create a model of those behaviors to compare against. By using this recognized model as a reference, we can determine if someone is who we think they are (or who they claim to be).
Behavioral biometrics can help us create experiences where we can take what is unique about an individual to identify and authenticate them just for being who they are (and behaving that way). Users can go on with their day and the machine learning does the rest.
Below you will find some of the use cases in which behavioral biometrics is making a difference:
- Physical Access: Access a home, office or car door with a phone in your pocket and the door will unlock as you walk towards it. The machine learning models can attest that the phone is in your possession and it is indeed you walking towards that door.
- Digital Commerce transactions (both online and at a POS in a brick & mortar store: When making a purchase, the 2FA for payments could be done via behavioral biometrics without adding any friction to the end user while adding the extra level of security.
- Discerning humans from machines: Behavioral biometrics can differentiate between human behaviors and others, which can help prevent bot attacks.