buguroo is pushing its behavioral biometric technology to financial institutions looking to comply with a growing number of industry regulations. The company called particular attention to Europe’s GDPR and PSD2 legislation, the latter of which lays out Strong Customer Authentication (SCA) rules that are set to go into effect on December 31.
In that regard, buguroo noted that PSD2 introduces a multifactor authentication requirement, which will force SCA-compliant organizations to verify users based on at least two factors spread across three categories. Those factors could be something a person owns (such as a device), something they know (such as a password), or something they are (such as a fingerprint or some other biometric).
The problem, according to buguroo, is that many of the more popular security factors are not terribly effective. For example, passwords can be lost or stolen, and there is now a wealth of personal information available on the dark web. Meanwhile, static checks (including biometric checks like a facial scan) only verify someone’s identity at login, and do not give financial institutions any way of knowing who is in control of the session beyond that point.
Behavioral biometrics, on the other hand, operates in the background, analyzing factors like typing speed to create a unique BionicID that is virtually impossible to duplicate. It is also not based on sensitive personal information, which means that financial institutions do not need to store confidential data and can verify people’s identities while still complying with GDPR’s data privacy regulations.
Finally, buguroo stressed that its bugFraud solution is able to detect the presence of malware in an online session, whether it arrives in the form of modified code or an app that has been installed on the device being used. That gives financial institutions an extra layer of security and prevents many forms of cyberattacks.
December 22, 2020 – by Eric Weiss