In recent posts on its official blog, Israeli-based behavioral biometrics company BioCatch establishes the difference between static and behavioral biometrics modalities, and makes the case for the advantages of the latter in today’s rapidly evolving digital landscape.
In a post titled “Behavioral Biometrics vs Static Biometrics: Dynamic Fraud Detection Explained”, Vice President of Market Strategy at BioCatch Ayelet Biger-Levin lays out the differences between behavioral biometrics and static biometric authentication methods such as fingerprint, voice, iris and facial recognition.
She argues that though static biometrics are more secure than traditional PIN/password modalities, using only one of these methods is “fundamentally the same as adding a static second password; albeit one that can never be changed if compromised.”
Biger-Levin also points to the increased cases of facial recognition algorithms exhibiting signs of racial bias, and the rise of spoofing and sophisticated hacking techniques that can steal or simulate an individual’s biometric data, as other flaws associated with static biometrics.
“The problem with static biometrics security based on factors, like points captured in fixed images, is that even if the initial authentication is valid and done by the legitimate user, the integrity of the session gradually erodes over time,” writes Biger-Levin. “The only way to restore it is to require additional authentication factors.”
One approach to combating this is the use of multimodal biometrics, which combines more than one type of biometric modality to improve security; however, she notes that this leads to increased friction and disruption in the authentication process, which can dissuade users and cost business in the short term.
”The optimal solution is behavioral biometrics, a dynamic solution, rather than a static one, that increases trust and reduces friction during online sessions while also providing high levels of fraud detection,” she writes. “Behavioral biometrics run continuously in the background to protect sessions post-login and to detect subtle anomalies based on risk.”
Behavioral biometrics take a user’s physical and cognitive digital behaviors and analyze them to create a unique signature. They can look at multiple data and end point interactions such as hand-eye coordination, key or screen pressure, navigation and other finger movements and determine how familiar an individual is with the application they are using based on how they interact with it.
A second post, titled “Behavioral Biometrics: A Primer on Dynamic Fraud Detection”, highlights the benefits of behavioral biometrics modalities, noting that they offer continuous authentication beyond the login experience with minimal “friction or disruption to the end user,” while expounding on BioCatch’s own solutions.
“BioCatch provides truly continuous protection by collecting and analyzing data throughout the session, so even the most subtle changes within the session do not go undetected. The BioCatch Risk Engine is powered by machine learning algorithms that analyze physical and cognitive digital behavior of users across web and mobile channels.”
Biger-Levin notes that once the system has established a user’s unique behavioral biometric signature, it can detect anomalies and any suspicious behavior with high accuracy and a low chance of false-positives when compared to static methods.
Finally, Biger-Levin and BioCatch look to the future trends forecasted for the behavioral biometrics market, including the technology’s expansion into different FinTech markets outside of consumer banking, and its potential for use in multimodal systems that currently rely on two different static modalities.
October 16, 2020 – by Tony Bitzionis