Gone are the days when online security could be trusted to a simple username and password combination or simple identity checks. As fraudsters got better at bending and breaking the system, e-commerce and digital banking initiatives had to keep pace, creating tough rule-based systems to check for fraud and adding new technology like IP detection and Device ID. But even these measures are no longer enough. The next great leap in digital security isn’t based on a device or a password, but on the user themselves.
User Behavioral Biometrics combines a biometric and behaviour-based analysis of the user. Until recently, security technology looked solely at what data was entered and what device was connected. But you can only understand so much about the user with only two pieces of information. And what if the user changes or upgrades their device? You would lose half the visibility. User Behaviour Analytics (UBA) adds multiple layers of nuanced information of passively observed behaviour that goes beyond what data they input and what device they use and really understand how the user interacts with the mobile or web portal.
When you start passively observing multiple layers of user behaviour and biometrics, from the moment they land on your site, create an account and across every interaction on the website, you build a profile for that user that doesn’t rely on the device they use or password they enter. Every time they return to the environment, you can measure that behaviour against their unique historical data. You can finally answer, “Is this the real user?” with confidence. You can compare that behaviour with other good users to broaden your understanding of how your good users behave and you can even answer with the same certainty, “is this user behaving like a human being?” and “is this user acting safely” and take action accordingly in real-time.
User Behavioral Biometrics helps e-commerce businesses fight fraud by bringing a wider context to every transaction decision. Most e-commerce merchants simply look at the transactions and use knowledge-based fraud prevention techniques that rely on PII and PCI even though that data is too freely available to be secure. Moving beyond easily compromised PII and instead relying on a user’s unique behaviour protects both your site and your users.
Fraudsters know that traditionally e-commerce merchants and financial institutions have relied on KBAs for their fraud prevention strategy, which means they authenticate by the user having the right answer to pass the test. So long as the fraudster has the cheat sheet, they don’t have to worry about getting the answers right.
By observing behaviour from the point of login, to registration to point of purchase, companies are able to better understand when a purchase may not be legitimate, even when a “user” is successfully logged in using stored payment information. And while fraudsters are just starting to realise their tactics of yesterday don’t work anymore, user behavioral biometrics will continue to hold them back because user behaviour can’t be copied, stolen, or spoofed.
User Behaviour Analytics layered with Behavioral Biometrics combined with traditional security measures gives the industry the ability to understand their users like never before. Knowing who the user is based on how they behave protects business and users alike in a passive, unobtrusive, invisible way with a success rate second to none.
Ryan Wilk is director at NuData Security
How much do you know about biometric technology? Take out quiz to find out!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…