Behavioral biometrics, machine learning and risk assessment – the future of online user authentication

Last updated: 07 November 2017

The majority of today’s transactions have a digital element to them and that makes it extremely important to verify who we are since online identities are easy to fake. This is done in a number of ways with PIN entry, fingerprint authentication and now facial recognition the most widely recognized techniques. Howard Berg, Senior Vice President and Managing Director for Gemalto UK, recently spoke about a technology for authentication that goes beyond the PIN and password, something called Behavioral Biometrics.

But what is Behavioral Biometrics and how are they implemented in the financial world? A summary of Howard’s interview is below, or you can watch the whole this here to find out.

Howard’s focuses on providing insights on one simple question: How can behavioral biometrics combined with machine learning and risk assessment techniques provide a much more innovative approach to online user authentication?

But before we tackle this question, let’s quickly discuss what Behavioral Biometrics are.

Behavioral Biometrics – a recap

Behavioral Biometrics are each person’s unique rhythm of their key movements such as their signature, the way they type keystrokes, or their voice.

They can be divided into two areas. The first is the individual’s behavior when using their mobile phones. The second one is the device itself and its IP address – do we recognize it? Can we identify its location or is it hidden from us? At Gemalto we then go further to look into the SIM in the device and if it’s been in any type of transaction that might be questionable, but not necessarily fraud.

From all this information, Gemalto builds up a pattern and provides assurance to the bank that the person who is using this device is who we expect it to be.

How can individual merchants and banks use this technology?

Gemalto’s SEO Assurance Hub is cloud based and is designed to provide frictionless experience for the user, where we bring in other partners of the services, meaning that the interaction with the bank or individual merchant is very simple. We provide the service to them in a single cloud-based solution, so that individual merchants or banks do not have to invest in new terminals.

In a crowded market, how do banks/ financial services decide which risk management offering to choose?

At Gemalto we partner with ‘best in class’, so the ‘hub’ word from Assurance Hub is about partnering with other companies that are specialists in their areas – be it biometrics identification, SIM swap, etc., to produce a solution that enables a bank to have a single contract with Gemalto, but take the services of many solution providers.

Bank cards with fingerprint authenticationhow is this going to work?

“That’s about moving to the next generation of authentication. We’ve used a signature for many years and we’ve become used to PIN codes and the question is what next and we believe that’s biometrics.”

The biometric card has a simple pad on it where you place your finger, and it compares it with your fingerprint that has already been stored on the chip of your card. No information is sent to third parties for authentication, it’s all done on the card which is powered by the terminal on the point of sale. From there, it compares your fingerprint to the one stored on the card and confirms the match.

How difficult is for banks to stay ahead of cybercriminals?

It is a challenge that we and our customers are working on all the time. The skill is to stay one generation ahead, meaning that every time we bring out a solution we’re looking at the next generation as we know there will be fraudsters looking to break those solutions.

“As long as we’re staying one generation ahead – we are winning the battle.”

Biometrics can deliver a new era in digital authentication for financial institutions. If you have any thoughts on these new technologies, get in touch in the comments below or @Gemalto.

One thought on “Behavioral biometrics, machine learning and risk assessment – the future of online user authentication

  1. Having a fingerprint card will reduce fraud and making it safer and easier in everyday life is my thought. It is important to make it difficult for those who commit these fraud.

Leave a Reply

Your email address will not be published. Required fields are marked *