Intelligent Authentication Platform

Intelligent Authentication Platform



Information security is very important, especially in the banking industry. The advent of online banking has brought ease and convenience when making transactions. However, it has also brought many threats such as identification theft. Despite high-tech firewalls, anti-virus software, phishing filters and other software, keeping information secure is still a big problem. Many people choose not to do online banking because they are afraid that someone will gain access to their account.

People often choose passwords that can be easily cracked. They choose the name of their kids or their birthday which can be easily guessed by hackers. However, even strong passwords with alphanumeric characters are also susceptible to attacks.

There are a lot of companies that are trying to offer solutions to these problems. They are launching new technologies to increase security and protection with added hardware such as fingerprint scanners.

However, one company has solved this problem without any added hardware or user input. Apart from ensuring that the correct password is entered, its software will also monitor how it is typed in and who is typing it, making your log-in more secure.

A company in Boston, Delfigo Security, offers a software that claims can remedy this. Ther software called DSGateway Authentication Platform looks at how a user types each character and it also collects other subtle clues that "creates an additional layer of security without the need for extra equipment or user actions. As a user enters her name and password, JavaScript records her typing pattern along with other information, such as her system configuration and geographic location. When the user clicks "submit," her data is sent to the Web server and, provided that the username and password are correct, the additional information is passed on to Delfigo. The company's system then evaluates how well this information matches the behavior patterns of the appropriate authorized user. Delfigo's algorithms build up a profile of each user during a short training period, combing 14 different factors. The company's president and CEO, Ralph Rodriguez, developed the necessary algorithms while working as a research fellow at MIT. Rodriguez notes that recording multiple factors is crucial to keeping the system secure without making it unusable. If the user types a password with one hand, for example, while holding coffee in the other, the system must turn to other factors to decide how to interpret the variation, he says. If she does this every morning, the system will learn to expect to see this behavior at that time of day." (Technology Review)

"The idea that a password should completely succeed or completely fail "is an old paradigm that should go away," says Rodriguez. Even if the system sees something strange about the way that a user enters her password, for example, it just assigns a confidence level to that log-in attempt. Access levels can be configured depending on this confidence level. For example, if a user logs in from an odd location, lowering the system's confidence, it might allow her to see her account balance but restrict the funds that she is able to transfer. If the user needs to increase her confidence factor at that moment, Rodriguez says, she could answer additional security questions or have a one-time password sent to her mobile phone or via e-mail." (Technology Review)

"DSGateway contains a number of features and benefits that appeal to the C-Suite, Business Owners and IT Staff.
- Reduced Fraud " Delfigo utilizes multiple factors of authentication, ranging from biometrics to geo-location to GPS tracking, making it highly unlikely that a fraudster can compromise all that goes into validating authenticity of an individual using the Delfigo solution
- Simple Distribution and Implementation " Designed as a cloud solution requiring no client downloads or tokens DSGateway is an efficient solution to deploy in any network or application
- Enhanced Visibility & Administration" With an event-driven architecture that can monitor risks in real-time and on demand analytics and dashboards, the solution provides immediate visibility into issues enabling it to prevent identity theft before it happens
- Low TCO " DSGateway's innovative architecture, lack of additional hardware (such as tokens), user-friendly manageability and competitive price point combine to present unmatched TCO in an authentication solution
- Supports Industry Compliance " Delfigo Security helps organizations reduce their business compliance risks, by meeting regulatory mandates for industries
- Easy to Use " Users do not require training or need to change any behaviors or usage patterns to realize the full benefits of DSGateway
- Configurable " The platform is easily configured to match user profiles, roles, and other characteristic" (Dark Reading)


Sources:

http://www.technologyreview.com/read_article.aspx?ch=specialsections&sc=smarterit&id=23008

http://www.delfigosecurity.com/

http://www.darkreading.com/security/intrusion-prevention/showArticle.jhtml?articleID=218500330&subSection=End+user/client+security