Technology that learns from your online traffic can evolve faster than out-of-the-box solutions, feeding a powerful brain that can think beyond right or wrong.
We often hear questions around our passive biometrics tool – one of our four layers – such as: How long do we need to wait until a behavioral biometrics tool can build a user profile? Can I verify my users by their behavior from day one? How are you going to stop new fake users right after implementation if you haven’t seen them before?
These are all relevant questions since passive biometrics and behavioral analytics look at the user behavior for short learning period to get to know your traffic and unlock its potential.
When choosing a solution to authenticate users and protect online assets, a training period is seen by some as a weakness. Our solution doesn’t apply generic industry patterns to protect your environment, it dedicates its full attention to get to know your traffic, its characteristics, its expected behaviors, its weaknesses and, most importantly, how a customized attack would target your particular environment – and how you can get the upper hand.
One Size Fits Only One
Passive biometrics solutions can only be effective if they dedicate some time to apply all their knowledge and machine-learning technology to absorb your specific traffic activity. The same way you don’t want a doctor to diagnose you based on her previous patients but based on your own symptoms, you want a security solution that dedicates some time to analyze your traffic symptoms, anomalies, and threats.
One-size-fits-all solutions may be fully running from day one, however, as attacks evolve, bad actors learn to bypass their security barriers. If you keep banging on a door that won’t open, it won’t be long until you figure out you can also climb up to the window.
What About Good ol’ Device Intelligence?
Traditional device intelligence solutions are good at stopping baseline attacks. Similar to catching a mosquito carrying dengue, you can see it coming and just swat it. But today’s most damaging online attacks are less obvious; they hide in the digital air like anthrax, targeting millions of people at a time.
We’ve seen this with some of our clients who were using tools at login to get rid of simple mass-scale threats. They then added our solution to detect those highly-sophisticated attacks that normally streamed down into their environment, uninterrupted.
Behavioral tools are not only about detecting credential stuffing, brute force attacks, or credential testing but are also about looking beyond that: uncovering attacks that most wouldn’t detect. Every day, we see millions of attacks targeting our clients. These attacks increase our client’s overall traffic exponentially. If only 0.1% of the attacks goes through it can cost our clients millions of dollars.
The Biometrics Brain Applied
It doesn’t take long to reap the benefits of a technology that learns with your traffic. One of our banking clients was receiving attacks from bad actors that were hiding behind legitimate aggregators.
In this example, the cybercriminals were creating fake accounts on Mint and then feeding them stolen credentials. The financial management service, in turn, was using these credentials provided by the fraudster against the issuer’s interface to open the banking account of the – supposedly – legitimate customer. Instead of an account takeover, what the issuers saw from their end was traffic coming from a known source, Mint, and let it continue. Why wouldn’t they?
Our behavioral biometrics layer saw right through that. Our solution saw that an account was getting an abnormal number of failed logins coming from new IPs and devices. It also saw that there was an unusual amount of traffic coming from Mint, as well as a sudden spike on Android devices attempting to access the environment. Even more obvious was that NuData saw a similar pattern repeating across different accounts, all from Mint. The suspicious signs start to add up: an unusual number of new Mint accounts, added bank accounts, attempted logins, failed logins, and same operating systems, all of which were continually repeating. Something is wrong here.
No Attack is an Island
When looking at each interaction individually, most security solutions don’t see suspicious behavior. A solution that learns what that client’s traffic patterns look like immediately draws a link between seemingly-isolated activities. The issuer can then automate policies such as triggering additional security measures or blocking the malicious activity altogether.
One-off events don’t offer a clear indication of what’s going on in your traffic. This is why it’s important that your security tools have the time to analyze your traffic and are ready for game time. Blocking complex attacks becomes automatic when the solution is trained using your unique traffic.
A Behavior that Keeps Growing
The reason why major global brands are implementing this technology is accuracy. When you let your verification system learn and mature you can ask more complex questions that detect simmering fraud well before it surfaces, increasing your ROI exponentially.
An example of a simmering attack is when a company’s login traffic that generally utilizes updated Chrome browsers suddenly has a spike in traffic from old Chrome browsers. Although the behaviors seem to match, this is a red flag that can only be detected comparing it to the past traffic patterns of that particular company’s website.
When behavioral biometrics technology matures so do the answers you get from it. Just like we are smarter now than we were at 15 – even though we thought we knew everything back then – today we can make better life choices and understand irony, sarcasm, and other social cues that machines can’t.
Use History to Your Advantage
History is power – and this is not just some slogan to promote History degrees. Like any brain, our machine feeds from our client’s traffic and applies that knowledge to understand their threats. When you give the behavioral brain time to learn, it uses that intelligence to protect you from today’s attacks. And tomorrow’s.
Related to this blog Users sharing one password? NuData has a new solution