Samsung SDS will integrate BioCatch's behavioral biometrics to its Nexsign biometric authentication platform, the companies have announced.
Nexsign is Samsung's FIDO-certified biometric authentication software for the enterprise that allows users to forgo the use of passwords multiple times and use fingerprint, face, and voice for logins.
BioCatch's solution, which will continuously monitor users after login by mapping their behavioral patterns, will add to FIDO's device and server-level protection, the companies said. The technology validates user interaction using 500 different parameters during a session to determine whether the user is a human imposter, malware, or bot. When users log on to a mobile app, it will require step-up authentication or additional biometric tests; one or more depending on transaction.
"We are continuously looking at ways to enhance our platform with different modalities" said Richard Lobovsky, vice president, Samsung SDS America, in an interview with ZDNet. "We felt that behavioral biometrics could be a nice complement to our FIDO platform.
"FIDO platform intermittently challenges users with authenticate when performing higher-risk transactions during the workflow through mobile or web apps, whereas the behavioral piece is a continuous monitoring, being able to detect hackers trying to interrupt sessions or change IP addresses. We saw a lot of value in the combination of the two."
The average fraudulent transaction is priced at around $130 for mobile and $115 tablets, the companies said. 55 percent of consumers use the same passwords for online banking, emails, and social media accounts, putting them at risk of fraudsters that simply bypass log-in. The firms said their aim is to minimize this risk while offering a seamless experience.
"When it comes to mobile transactions, one of the main hindrances is solving the problem of security versus experience and convenience," said Frances Zelazny, vice president of BioCatch. "Different organisations and users want to deploy different experiences and choice and how they authenticate themselves and Samsung SDS's support of all the modalities is very important. The addition [of the] behavioral and continuous authentication will help to deliver on the promise."
"What we will continuously see in the biometric industry is more emphasis on anonymization of biometric information and template," Zelazny said. "Traditional behavioral biometrics was limited to keyboard strokes. But just in the last year understanding of the technology improved drastically, and coupled with the security issues exposed recently, there is a real conversation going on about security. Adoption is increasing rapidly. We were handling 500 million to 1 billion transactions per month; [now] we are seeing up to 5 billion.
"Biometrics has really opened up in mobile the mobile environment few years ago. There are companies really focused on this space and a lot more willingness out there for adoption," said Lobovsky. Besides public companies and traditional financial institutions, the variety of adoption of such solutions is also seeing a jump, he added.
"In the future, monitoring in biometrics will improve to real-time. Collected data will also make them more accurate," Shankar Saibabu, director of Solutions Architecture at Samsung SDS America. "There are also new modalities, such as palm, coming in biometrics. These will all evolve over time to give more seamless experience for users."
Correction 1:42pm AEDT October 24, 2017: Quotes attributed to Richard Lobovsky, vice president, Samsung SDS America.
PREVIOUS AND RELATED COVERAGE
Samsung ARTIK Cloud Monetization allows device manufacturers to create service plans for connected devices.
Samsung SDS's AI-based analytics platform Brightics AI is aimed at the enterprise market.
Samsung SDS will connect its FIDO-based biometric solution with Oracle's Identity and Access Management (IAM) solution.