January 24, 2014 – by Peter B. Counter
The mainstreaming of strong authentication solutions has been the hottest of technology topics in the past six months, especially after the Apple iPhones 5S brought fingerprint biometrics to the hands of a massive section of the American public in September. Since then, a great number of innovations in mobile ID verification and management have been proposed, demonstrated and even launched as potential password alternatives for individuals and businesses that simply need more protection.
In the mobile identity arena, a new kind of authentication has been proposed, called invisible biometrics. These factors, unlike active interface counterparts like iris, fingerprint or palm-vein, invisible biometrics are passively measured, running in the background and throwing up additional layers of security if an anomaly is detected. Traditionally this style of security refers to non-friction voiceprint style authentication, like AGNITiO’s Voice iD, keystroke or (hypothetically at this point) walking gait.
But what about social networks?
AuthenWare, the recent recipient of the Leader in Innovation award during the Financial Services Technology Summit, has come up with the idea of what it refers to as a “”social network” that provides Secure-Single-Sign-On to most websites,” called Cool ID.
“Generally, in information security, the weakest link is the human being, but for us the human being is at the heart of our technology,” says AuthenWare CTO, Daniel Caselles. “When it comes to security, unnatural demands are made of us, such as remembering complicated passwords, so we have developed a security solution that is based on human nature or human behaviors. All of our technology consists of assuring an information system that the user is who he says he is, based on his behaviors.”
Cool ID is a cloud-based postal targeted at end users. It uses what AuthenWare calls “behavioural biometrics,” which in this case are a form of keystroke authentication. Cool ID measures the natural rhythm of a user’s taps on her keyboard: something unique to each person and near impossible to imitate with any regularity.
The social network branding may seem like a misnomer to those asking the question “What is social about a cloud-based single-sign-on portal?” But rest assured, it’s not a marketing ploy.
A major security risk in recent times has become the frailty of a user’s personal account network now that websites and service providers are allowing for sign in via Facebook. Becoming a single-sign-on portal has become a key social networking feature, unlocking comment sections and allowing for the instant sharing of content. This lack of friction, however, leads to dangerous roads, namely the fact that a hacker need only crack a Facebook password to gain access to any number of accounts that are used by the victim (including some with credit card and other payment information).
Single sign on is already a popular choice, simply because it’s easy. By funnelling that through a behavioural biometrics system AuthenWare makes a strong case for stronger authentication without burdening the clearly exhausted end user, overwhelmed by the nightmare that has become staying secure online.