BehavioSec released a series of new features to its BehavioSec Behavioral Biometrics Platform (Version 5.0) giving banks, fintech firms, retailers and cloud service providers authentication defenses against costly account hijacking and fraud committed with stolen passwords and other credentials.
BehavioSec’s software platform defending Web portals, storefronts and mobile apps can now detect suspicious use of attack obfuscation techniques, including the use of virtual private networks (VPNs) and TOR-routed traffic during login attempts and sessions. The platform also adds Docker container support to simplify on-premise deployments and a real-time feed of more than 1.5 billion compromised devices, pushing anti-fraud defenses further out to identify attackers before they begin compromising accounts.
“Our financial services, retail and other customers all have common digital transformation goals – they need to rapidly scale security in ways that drive customers’ trust and improve the user experience across Web and mobile interfaces,” said BehavioSec VP of Products, Jordan Blake.
“Today with Docker support, enhanced detection and integration updates, we continue to turn the tables on fraud by making ‘the human algorithm’ the strongest link in security. By continuously authenticating users according to unique behavioral attributes – instead of a password or text message someone can steal – BehavioSec reinvents anti-fraud as traditional password-driven security is increasingly known for performance limitations and needless friction.”
“Mobile-driven fintech plays and digital transformation in financial services increase pressure on institutions to rethink how they fight fraud and manage the user experience on new digital platforms that are their future,” said Al Pascual, Senior Vice President of Research and Head of Fraud & Security at Javelin Strategy & Research. “As banks and credit unions grapple with how to prevent account-takeovers from denting their new mobile and digital-first offerings, they turn to behavioral biometrics as part of the foundation for interaction.”
The BehavioSec Behavioral Biometrics Platform integrates with Web and mobile applications to give organizations continuous authentication protection for existing user credentials. Analyzing user behaviors including typing patterns, touchscreen pressure and device handling, BehavioSec spots differences between how authorized users and malicious bots or imposters behave. This provides assurances that compromised credentials cannot be readily used for fraud and helps businesses improve risk scoring by flagging transactions and logins requiring additional screening.
New features in version 5.0 of BehavioSec’s platform include:
New account fraud detection
- Global profiling: Detects suspicious activity by comparing new users’ sessions to those in BehavioSec’s entire protected population, helping detect new account fraud even when users have never been seen by BehavioSec or the protected organization before.
- Identifying bad actors on first connection: Uncovers attempts to hide origin via use of VPNs, TOR and other proxy services and flags inherently suspect requests by matching against a real-time feed of more than 1.5 billion compromised devices.
- Continuous touch support: Utilizes continuous touchscreen gesture information, enhancing detection on mobile devices even when on-screen keyboard usage is limited.
Deployment and integrations
- New detection algorithms reduce the number of interactions necessary to profile and recognize individuals and improve the detection accuracy of bot and remote access threats.
- Docker container support: Further simplifies on-premise deployments in many environments.
- Case management: Expands how organizations’ fraud analysts manage decisions made by BehavioSec’s rules engine and automates integration of fraud alerts with third-party case management systems.
These features expand four specific advantages for BehavioSec’s customers:
- Accuracy: BehavioSec’s platform is proven to yield low false positives and deliver information for real-time fraud detection and forensic purposes.
- Availability: BehavioSec’s platform can be deployed on-premise or in the cloud by the enterprise, giving customers flexibility and control over end user privacy.
- Authentication: Efficiently combining identity and security functions, BehavioSec studies behaviors to spot suspect activity, denying blind spots necessary for remote access threats (RATs) malware, bots, man-in-the-browser (MITB) attacks and other threats to compromise accounts or files.
- Value: Customers discover cost savings from lower fraud incidences, coupled with fewer customer support calls and false positive issues associated with traditional authentication tools across billions of transactions and continuously verifying millions of users.
BehavioSec recently joined a SANS Institute webcast defining behavioral biometrics and detailing the results of a hands-on product review of BehavioSec’s platform. Recent awards include BehavioSec’s inclusion in CB Insights’ Fintech 250 list of companies transforming financial services and in the prestigious “GSMA 100” noting innovations in secure delivery of mobile content and services. A previous winner of the coveted SINET 16 security start-up competition, BehavioSec’s key partners include Cisco, Crossmatch, Gemalto, NEVIS, Nuance and OneSpan.