Behaviometrics
– More Secure than Fingerprints?
“Behaviometrics”
is a portmanteau of behavioural and biometrics – technologies
and methods used to measure and analyse. Behavioural characteristics
is the term used to refer to the manner in which we interact with the
world around us – how we walk, sit, type etc. Physiological traits
(fingerprints, facial images, eye characteristics) have formed the
basis of biometric security measures.
Behaviometrics
is the next step in ID verification, measuring how we move based on
our physiology to recognize and verify the individual. Not just how
we walk or sit but also how we talk, the vocabulary that we use, can
distinguish us and are thus viable identification markers.
Individual
differences are also found in the way in which we interact with
physical devices – smartphones, tablets, keyboards, touch screens
and peripheral devices (such as a mouse). Again, these traits can be
used to authenticate the individual.
Behaviometrics
can add a much needed additional layer of security in the fight
against cybercrooks – eventually we will be able take advantage of
advances in AI to create multi-factor authentication that encompasses
traits such as facial muscle motion or the manner in which we hold
the device that we use to enter our login details. Behaviometrics
will create an adaptive security net that routinely updates itself
based upon user behaviour.
Increased
online economic activity has lead to greater criminal efforts in the
cyber-sphere. This increase in legitimate use has been matched (if
not superseded by) the growth in the criminal utilization of online
opportunities.
Growing
sophistication in methods of identity theft have caused financial
institutions and government bodies to improve security relating to
personal data. Multi-factor authentication is now the absolute bare
minimum level of security used by organizations that claim to be
security conscious.
What
is Multi-factor authentication?
MFA
is the practice of sending a code to a known device or an email to an
address associated with the individual. This approach combines
authentication of something a person knows like a password with
something they own, a mobile device.
One
of the main weaknesses of this system of MFA is that the token may be
accessible on the same mobile device being used to access the
account.
Behaviometrics
could be the next step in cyber security, a viable tool to address
the current gaps in today’s security measures. The question now is
whether it has reached a level of maturity where it can be broadly
adopted?
Studies
in Behaviometrics:
Identify
users by their footsteps
“...a
system for identifying people based on their footstep force profiles
and have tested its accuracy against a large pool of footstep data.
This floor system may be used to identify users transparently in
their everyday living and working environments. We have created user
footstep models based on footstep profile features and have been able
to achieve a recognition rate of 93%.”
“By
using behaviometrics-based approaches, the smart home may identify
residents without requiring them to carry a tracking device, nor use
privacy insensitive recording systems such as cameras and
microphones. With the ability to identify the residents through
behavior, the smart home may better react to the multitude of
inhabitants in the space.”
Downside?
The accuracy of the profiling
eradicates any current privacy methods - it renders TOR and VPNs
useless. Third parties could find means of linking behaviometrics to
individual users. Users would need to find tools/plugins that will
obscure their identity.
0 comments:
Post a Comment