Behavioural Biometrics 2.0: Persistent User Authentication

In a complex world, individuals and enterprises alike are facing many new and uncertain threat vectors, including identity thefts, ransomware, among others.



While remembering multiple usernames and passwords is tough for users, hackers are easily able to steal user accounts through phishing schemes or bypassing the login altogether.


In 2016, US $2.3 Billion was lost due to account takeovers by hackers. More recently, the Wannacry ransomware attacks attacked more than 200,000 computers across businesses spread over 150 countries.


Similarly, data breaches are on the rise involving the usage of valid user authentication. According to The 2017 Identity Fraud Study, conducted by Javelin Strategy & Research, 15.4 million people became victims of identity theft, resulting in theft of US $16 Billion. In comparison, in 2015, US$15.3 billion was stolen from 13.1 million people. Cumulatively, identity thieves have stolen US $107 Billion over the past six years.


Current forms of login authentication, including two-factor authentication, are not designed to protect or prevent destructive data breaches. Due to the significantly strict security measures in place to combat fraud risk, false alarms are generated. Current login authentication measures are not adept at distinguishing effectively between genuine and fraudulent transactions. On mobile banking apps, maintaining security while ensuring customer ease is a challenge. Two factor authentication methods require the input of passwords or captcha codes, answering security questions, as well as inputting the right passwords for various apps.


Given the growing scale and sophistication of threats, and authentication becoming the core of cybersecurity approaches, new technological tools are required.


Behavioural Biometrics: The New Frontier of User Authentication


Behavioural biometrics are based on subconscious consumer behaviours, and include the collection of a multitude of measurable data points, including for instance, the typing rhythm, or the speed of swiping the screen. Such a behavioural biometric profile on top of existing authentication tools, prevents identity thefts. Unlike passwords that can be stolen or copied, behavioural profiles based on user personality and their unique behavioural patterns, require the presence of the authentic user at all times.


Behavioral biometrics also exploit data including the methods used by users to transit between typing fields, or the pattern of internet browsing.


Behavioral biometrics supplements the strengths of legacy authentication methods manifold. It also ensures streamlined user authentication and seamless user comfort.


Given the multitude of data points that are captured by behavioral biometrics, hackers cannot hack the authentication process.


Some of the advantages presented by Behavioral Biometrics include the following:


  • The use of biometric profiles enables enterprises and banks to accurately identify legitimate transactions, leading to significant savings, brand trust and loyalty. It also enables enterprises and banks to screen fraudulent transactions more effectively, and prevent them.


  • The plug and play model of biometrics means swift implementation on smartphones within a day, minimising consumer burdens involving scenarios such as buying tokens or other authentication technologies.


  • The comfort of continuous authentication ensures the prevention of bots and unauthorized users from using the device or web application at any given time. Even in the event of an account takeover, continuous authentication results in the activity being labeled fraudulent instantly.


  • Behavioral biometrics lends to enhanced customer satisfaction and unmatched customer experience. Unlike the current authentication methods, which require the consumer to authenticate their identity repeatedly during use, behavioral biometrics continuously validates the unique user profile, ensuring that the consumer can focus on their work, without having to bother remembering tough passwords or without any compromise around security.


  • LinkedIn Social Icon
  • Twitter Social Icon