The Infosys Labs research blog tracks trends in technology with a focus on applied research in Information and Communication Technology (ICT)

« Wearables in Banking | Main | Cloud Migration in Banking Industry »

Continuous Authentication

The world is rapidly changing; smart phones, laptops, and wearables have altered the way we live. Today people frequently switch between and share devices with each other. Over the years, organizations and regulators have mandated the authentication of users in an attempt to prevent fraud and protect personally identifiable information.

Increased focus on user engagement has forced companies to avoid excessive authentication related tasks in order to enhance customer experience. However, by adopting this strategy they risk compromising customer data and hacking. Conversely, fraud avoidance is also a primary concern for organizations and they enforce extra barriers such as two-factor authentication and short login timeouts which increase account security, but it comes at the cost of user experience.

Continuous authentication has emerged as a promising option for companies trying to provide secure services to clients in a digitally vulnerable world. Continuous Authentication is a dynamic, risk based authentication that changes the procedure of authentication such as event based authentication used today to a process. Instead of users logging in or out, the application continuously authenticates the user through behavioral biometrics.

Continuous authentication uses behavioral biometrics to enable organizations to move away from one-time authentication, thereby increasing security and improving user experience. Behavioral biometrics uses machine learning to continuously monitor the user's behavior based on interactions with apps and websites. Malware and frauds with login credentials are easily identifiable with the application of continuous authentication. Yet, behavioral biometrics' s biggest advantage is that the technology is capable of working with existing infrastructure without requiring any modification.

Another key advantage is the ability to assign user action constraints based on tolerable risk or context. These constraints can be based on factors such as location, presence of other people or the time of day. Infact, behavioral biometrics has been approved by the PSD2 as a valid authentication option.

Startups like BioCatch, authenticate users continuously when their online and protect them from cyber threats. Some examples are Trojans, account takeover and other malware. The company is already providing real-time fraud prevention for 2 billion sessions a month.

Continuous authentication is the first true alternative to pesky passwords and an effective method to prevent fraudulent transaction which amount to around $130 for mobile transactions and about $115 for tablets on a normal day. The technology stands to secure the way interact with the digital world while streamlining the entire experience.

References:

https://blog.securedtouch.com/strengthening-mobile-payments-with-continuous-authentication

https://www.csoonline.com/article/3179107/continuous-authentication-why-it-s-getting-attention-and-what-you-need-to-know.html

https://www.okta.com/security-blog/2018/03/what-is-continuous-authentication/

https://www.networkworld.com/article/3121240/continuous-authentication-the-future-of-identity-and-access-management-iam.html

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.

Subscribe to this blog's feed

Follow us on