Passive Behavioural Biometric Authentication : A Probabilistic approach to prevent Online Frauds

As per Experian report for 2018 “42% of millennials would conduct more online transactions if there weren’t so many security hurdles to overcome.” Experian 2018 

Mastercard estimated that almost half of all login attempts in 2018 were high risk for being fraudulent, and nearly 1 in 5 of new accounts created in 2019 so far are fraudulent on average.

In such a world, authenticating the identity of a user is more crucial than ever. As fraudsters go high-tech, so, too, are the companies seeking to stop them. One such approach is  a connected intelligence approach, which includes multiple layers of authentication solutions, leveraging AI and working together to prevent fraud.

Various Fintech have  developed a range of products that use passive biometrics to help verify good users. Passive Behavioural Biometric Authentication  is centred on probabilistically identifying if a legitimate person is physically present in the interaction. This can happen during account creations, login attempts, and transactions.

There are over 300 distinct signals which can analyze in order to make a determination. These can range from how hard a screen is being pressed to how a person is navigating around their device.

Behavioural Biometrics is a passive frictionless mechanism, this is based on users data from both mobile as well as the web. The data collected from the applications while being used by the user, create a unique signature for every individual user based on how user behaviours. This ,by default ,becomes a multi factor authentication system. The beauty of the system is, it need not restrict solely on the login page, but can reside on every page of the app/web where there is human interaction.

In simple words, the authentication happens on every page from the time the customers enters the web or mobile and exits the web or mobile. In technical terms, this is Continuous authentication for the following :

  • Continuous Authentication: Impersonation frauds on both mobile and web;
  • Impersonation due to password sharing (Cloud, Core banking, E-Commerce etc ..);
  • Step Up Authentication: Multi-Factor Authentication (On top of the second factor);
  • BOT prevention;
  • Fraudulent account creation.

The success of passive biometric authentication solutions “in no way, shape, or form negates the need for active biometrics. Connected intelligence entails coupling the passive biometrics approach to an active one.

When passive biometrics indicate that an interaction has a high probability of being fraudulent, an active challenge can be issued to confirm the identity of the user.

In this way, both approaches are necessary to effectively fight fraud.

 

Ram Rastogi

Author: Ram Rastogi

As a Digital Payments strategist focusing on removing friction in alignment with business strategy for generating value through increase in digital footprints, revenues, cross-sell. Conversant with latest digital technologies used in Lead Management, Real Time Decision Making, Risk management, Predictive Analysis and Regtech. Worked as a Short Term Consultant (STC) with CGAP - A World Bank Organisation for Digital Inclusion and also with various leading global research agencies as their Senior Council Member.

Leave a Reply

Your email address will not be published. Required fields are marked *

Show Buttons
Hide Buttons