#alternate TechCrunch » Feed TechCrunch » Comments Feed TechCrunch »
Next-Gen Cybersecurity Is All About Behavior Recognition Comments Feed
Crowdsourcing Dystopia Elysium Space Finds A Taker For Its Moon
Memorials alternate alternate TechCrunch WordPress.com
Menu TechCrunch Search
* Follow Us
* Facebook
* Instagram
* Twitter
* Youtube
* Flipboard
* LinkedIn
* Google+
* RSS
* More
+ Youtube
+ Flipboard
+ LinkedIn
+ Google+
+ RSS
Got a tip? Let us know.
* News
+ Channels
+ Startups
+ Mobile
+ Gadgets
+ Enterprise
+ Social
+ Europe
+ Asia
+ Old Crunch Network
+ Unicorn Leaderboard
+ Gift Guides
All Topics All Galleries
Video
Shows
* Apps
* Breaking News
* Bullish
* Crunch Report
* CES 2016
* Gadgets
* Interviews
* Reviews
* TC Cribs
* TC Features
All Shows
All Videos
Events
* TechCrunch Events
* Disrupt
* Startup Battlefield
* Crunchies
* Meetups
* International City Events
* Hackathon
* Include
* NFL’s 1ST and Future
* TC Davos 2016
* News About
* CES
All Events
CrunchBase
* Trending
* Apple
* Google
* Samsung
* News
* Startups
* Mobile
* Gadgets
* Enterprise
* Social
* Europe
Search TechCrunch
Search TechCrunch ____________________ (BUTTON) Search (BUTTON) Search
9th Annual CrunchiesFind Out Who Will Win The Crunchie For Best Mobile
App - Citymapper, Messenger, Periscope, Robinhood or Wish Get Your
Tickets Today
Security
* Why Cloud Computing Will Shake Up Security
Why Cloud Computing Will Shake Up Security
* The Tor Project Raised Over $200,000 From Its First
Crowdfunding Campaign
The Tor Project Raised Over $200,000 From Its First Crowdfunding Campaign
* MariaDB Raises $9M More, Michael Howard Named New CEO, Monty
Widenius CTO
MariaDB Raises $9M More, Michael Howard Named New CEO, Monty Widenius CTO
*
Browse more...
cybersecurity
* Why Cloud Computing Will Shake Up Security
Why Cloud Computing Will Shake Up Security
* Cockroaches Versus Unicorns: The Golden Age Of
Cybersecurity Startups
Cockroaches Versus Unicorns: The Golden Age Of Cybersecurity Startups
* Where Are All The Women In White Hats?
Where Are All The Women In White Hats?
*
Browse more...
BioCatch
* Pre-Crime Startup BioCatch Authenticates Users Via Touch And Your
Phone’s Accelerometer
Pre-Crime Startup BioCatch Authenticates Users Via Touch And Your
Phone’s Accelerometer
* Pre-Crime Startup BioCatch Raises $10M Series A
Pre-Crime Startup BioCatch Raises $10M Series A
*
Browse more...
ashley madison
trusteer
* IBM Buys Israel/US Cybersecurity Specialist Trusteer For $800M-$1B
IBM Buys Israel/US Cybersecurity Specialist Trusteer For $800M-$1B
*
Browse more...
Crunch Network
Next-Gen Cybersecurity Is All About Behavior Recognition
Posted Aug 23, 2015 by Larry Alton (@LarryAlton3)
* 0
SHARES
*
*
*
*
*
*
*
*
*
Next Story
Crowdsourcing Dystopia
[behavior-e1440349030419.jpg?w=738]
Larry AltonCrunch Network Contributor
Larry Alton is an independent business consultant specializing in
social media trends, business and entrepreneurship.
More posts by this contributor:
* App-Improvement AI And The Future Of Web Development
* How Wearable Tech Could Spark A New Privacy Revolution
* How Consumer-Focused AI Startups Are Breaking Down Language
How to join the network
In the wake of devastating personal information leaks, like Target’s
back in 2014 affecting more than 70 million customers and the more
recent Ashley Madison data breach, concerns over cybersecurity are at
an all-time high.
Financial advisers overwhelmingly cite cybersecurity as their
number-one concern, with business owners and everyday consumers sharing
in those worries.
There are a few ways to approach this problem, but the one on
everyone’s mind is the most straightforward; we need to protect
companies’ records from ever being breached in the first place.
There are many ways a criminal could potentially acquire this
information; for example, they could use weak passwords to fraudulently
log in to a given system, or find an application vulnerability in the
backend to find stored data. Breaches like this are startlingly common,
and many go unreported in the news.
Recognizing this, many have suggested the proper way to fight back and
improve cybersecurity is to improve backend systems to have fewer
vulnerabilities, or train consumers and employees to do a better job of
keeping their login information secure. Either way, the goal here is to
slow criminals down by making it more difficult for them to obtain or
use the necessary information.
Why Preventing Data Breaches Can Never Lead To Victory
This is a logical system of improvement, but it’s fundamentally flawed
in two major ways. First, it’s impossible to get everyone on board with
new security standards.
We need to protect companies’ records from ever being breached in
the first place.
For example, if you inform a room full of 100 people about all the
dangers of cyberattacks and security breaches, and you explain, in
detail, the importance of creating, maintaining and regularly changing
strong passwords, at least one person in that group of 100 will
continue using the password “password123.” And because all it takes is
one rogue available login to gain access to a system, that weak link
will perpetually remain open.
The other side of the problem is continuing advances in encrypted
systems. In a series of one-upmanship, advanced technicians are
constantly coming up with new ways to stop cybercriminals in their
tracks, and cybercriminals are constantly coming up with new ways to
tear down those structures.
Any new advance in cybersecurity serves only as a temporary wall.
Regularly improving and upgrading these walls can serve as an evolving
series of defenses, but there can never be a sound “victory” when all
data breaches are prevented.
An Alternative Method
Rather than focusing on stopping cybercriminals with walls, new
technologies are emerging that work to identify cybercriminals instead.
Take the relatively new startup BioCatch, which received $11.6 million
in funding over three rounds. BioCatch’s technology works to identify
patterns of user behavior in certain applications, creating user
profiles that can then be matched to subsequent visits.
For example, if you visit an e-commerce platform and move your cursor
in a certain pattern, or type at a certain speed, BioCatch will be able
to determine, on future visits, whether or not the user with your login
credentials is actually “you.” Account takeovers, remote access (RAT),
and MitB malware attacks could all be potentially thwarted by this
approach.
Mimicking a user’s online behavior is far more difficult than
breaking down a wall.
Think of it this way — when you use your credit card in an unusual
location, like out of state, your bank typically calls you to confirm
that it’s actually you making those purchases.
This new technology works the same way, except it uses atypical
variations in parameters, like typing speed, mouse movement, keyboard
strokes, tapping force and swipe patterns instead of geographical
location. Take this practical example: After a few logins, this system
will learn that you tend to browse slowly, tap icons hard and type at
an average speed.
If someone gets ahold of your login information and browses quickly,
with fast typing speed and weak “taps,” the system will trigger a
fraudulent use, and your hacker will be forced to provide further
authenticating details (or, more likely, give up the effort).
Similar technology, focused on positively identifying people based on
behaviors and biometric signatures, is beginning to emerge from other
companies, as well. For example, take Bionym, a Toronto-based startup
that recently raised $14 million in Series A funding.
Using a wearable wristband called Nymi, the technology detects ECG
activity to positively identify a user, then wirelessly confirms that
identity to apps and online platforms. Sonavation, a company that
designs and produces fingerprint sensors, is also exploring the
possibilities of using device-based fingerprint readers to verify user
identities.
None of these technologies require any additional effort from the user
— they just need to “act natural” in the course of their typical
behavior — yet the possibilities for an imposter to mimic these actions
is very low.
Some of the strengths of this approach include a “touchless” system,
which learns and adapts on its own without direct intervention, and the
fact that these patterns can’t be easily learned or faked by an
external system.
There are some weaknesses, however, as human behavior isn’t always
consistent; these systems could trigger false positives and potentially
lock people out of their own accounts. They also do nothing to ensure
first-line security, such as protecting passwords from leaking in the
first place.
Other Major Players
In addition to biometric and behavior-based security startups like
BioCatch and Bionym, several other tech companies are working on this
identification-based last line of defense in cybersecurity.
For example, take RSA security, which uses adaptive authentication to
positively identify human- and machine-based behaviors and determine a
qualitative risk level for each use of the system.
New technologies are emerging that work to identify cybercriminals.
For example, if this system notices improbably fast pacing of clicks,
it could register the user as an automated machine and prevent it from
operating further. This is great for preventing automated attacks, but
does little to identify an unauthorized human being using another
human’s personal information.
Or take Trusteer, a startup acquired by IBM in 2013 which now functions
as a subsidiary of the company. Trusteer uses software that identifies
potential criminal activities on mobile devices, as well as
desktop-based activities.
For example, it uses malware detection to determine when a hostile
attempt to take over a mobile device has been initiated. It also uses
front-end protection to block phishing attempts and similar breaches to
personal information, and helps companies implement web-based services
that block account takeover attacks.
In this way, Trusteer functions as both a front-end (information
protection) and back-end (preventing unauthorized use of information)
protection company.
Rather than trying to build new walls to slow down criminals, these
companies are taking a more efficient path of positive identification.
This isn’t to say that conventional security practices aren’t important
— encrypted data, multi-level authentication requirements and general
best practices for logins and passwords are as important as ever — but
they can always be outsmarted.
Mimicking a user’s online behavior is far more difficult than breaking
down a wall, and if BioCatch and its competitors’ behavioral analysis
tools prove to be a success, expect to see more products and services
like it emerging in the years to come.
Featured Image: Lightspring/Shutterstock
* 0
SHARES
* 0
Share
* 0
Tweet
* 0
Share
* 0
* 0
* 0
*
*
Advertisement
Advertisement
CrunchBase
* BioCatch
+ Founded 2011
+ Overview BioCatch takes behavioral biometrics technology to
the next level by leveraging a truly unique approach. Their
goal is to equip the industry with a real game-changer in the
fight against advanced cyber threats. They’re a privately
owned, rapidly growing company that was founded late 2011.
Their first products focus on online and mobile fraud
mitigation; the technology is at the beta stage and …
+ Location Boston, MA
+ Categories Cyber, Cyber Security, Fraud Detection
+ Website http://biocatch.com
+ Full profile for BioCatch
* Nymi Band
+ Description Nymi is the wearable authentication technology
that allows users to take control of their identity through
cardiac rhythm identification.
+ Website http://www.getnymi.com
+ Full profile for Nymi Band
* Nymi
+ Founded 2011
+ Overview Nymi is a team of thinkers and innovators aimed at
shaping the world of technology through biometrics,
authentication technology, and their concept of identity.
While they specialize in biometrics and authentication
technology for consumer electronics, they also develop
technology that uniquely utilizes gesture control, proximity
detection, and application development.
+ Location Toronto, Ontario
+ Categories Hardware + Software
+ Website http://nymi.com
+ Full profile for Nymi
TechCrunch Newsletters
[ ] TechCrunch Daily Our top headlines Delivered daily
[ ] TC Week-in-Review Top stories of the week Delivered weekly
[ ] CrunchBase Daily The latest startup funding announcements Delivered
daily
[ ] TC Europe The top European tech stories Delivered weekly
[ ] TC Gadgets Top stories about gadgets Delivered weekly
[ ] TC Mobile & Apps Top stories about apps Delivered weekly
[ ] TC Startups Top stories about startups Delivered weekly
[ ] TC Social Media Top stories about social Delivered weekly
[ ] TC Asia The top Asian tech stories Delivered weekly
[ ] Crunch Network The best from our contributors Delivered weekly
View More
Enter Address ____________________ (BUTTON) Subscribe
Latest Crunch Report
* Facebook Sports Stadium Wants to Be Your New Sports Hub | Crunch
Report
Facebook Sports Stadium Wants to Be Your New Sports Hub | Crunch Report
Watch More Episodes
* cybersecurity
* BioCatch
* ashley madison
* trusteer
* Security
* Popular Posts
Featured Stories
* Next-Gen Cybersecurity Is All About Behavior Recognition
Don Baer On Politician's Approach To Technology
VIDEO | 12:03 | Breaking News
* Werner Herzog On His Documentary Lo And Behold, Cockroach Movies
And Moving To Mars
Werner Herzog On His Documentary Lo And Behold, Cockroach Movies And Moving
To Mars
1 hour ago | Matthew Panzarino
* Get Ready For A Smaller iPhone 6s Mini
Get Ready For A Smaller iPhone 6s Mini
4 hours ago | Romain Dillet
* Netflix Makes Good On Promises To Crack Down On VPNs, But Blocks
Are Short-Lived
Netflix Makes Good On Promises To Crack Down On VPNs, But Blocks
Are Short-Lived
5 hours ago | Sarah Perez
* Forthcoming Samsung Galaxy S7 Benchmarks Leak
Forthcoming Samsung Galaxy S7 Benchmarks Leak
11 hours ago | Natasha Lomas
Latest From TechCrunch
* Gravit Lets You Illustrate In Your Abode Or On The Road
Gravit Lets You Illustrate In Your Abode Or On The Road
1 hour ago | John Biggs
* Apple Has A New Apple TV Ad, And It’s All About Apps
Apple Has A New Apple TV Ad, And It’s All About Apps
1 hour ago | Romain Dillet
* Werner Herzog On His Documentary Lo And Behold, Cockroach Movies
And Moving To Mars
Werner Herzog On His Documentary Lo And Behold, Cockroach Movies And Moving
To Mars
1 hour ago | Matthew Panzarino
* A Day After Launch, “Exploding Kittens” Tops The App Store
A Day After Launch, “Exploding Kittens” Tops The App Store
1 hour ago | Sarah Perez
Up Next
Crowdsourcing Dystopia
Posted Aug 23, 2015
CrunchBoard
Job Listings
*
Principal Analyst - Marketing Technology
CarMax
*
Architect - Enterprise Information
CarMax
*
Senior Software Developer - Web Development
CarMax
*
Online Systems Platform Manager
CarMax
*
Team Manager- CRM
CarMax
More from CrunchBoard
Advertisement
TechCrunch
[crunch-network.jpg]
* News
* TCTV
* Events
* CrunchBase
About
* Staff
* Contact Us
* Advertise With Us
* Send Us A Tip
International
* China
* Europe
* Japan
Follow TechCrunch
* Facebook
* Twitter
* Google+
* LinkedIn
* Youtube
* Pinterest
* Tumblr
* Instagram
* StumbleUpon
* Feed
TechCrunch Apps
* iOS
* Android
* Windows 8
Subscribe to TechCrunch Daily
Latest headlines delivered to you daily
[X]
Subscribe to Subscribe to TechCrunch
Daily
Enter Email Address ____________________ (BUTTON) Subscribe
© 2013-2016 AOL Inc. All rights reserved. Aol Tech Privacy Policy About
Our Ads Anti Harassment Policy Terms of Service
Powered by WordPress.com VIP
Fonts by
[b?c1=2&c2=6036210&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1]
* TechCrunch (BUTTON)
*
News
+ Startups
+ Mobile
+ Gadgets
+ Enterprise
+ Social
+ Europe
+ Asia
+ Old Crunch Network
+ Unicorn Leaderboard
+ Gift Guides
+ All Galleries
Videos
* Apps
* Breaking News
* Bullish
* Crunch Report
* CES 2016
* All Shows
* All Videos
Events
* Disrupt
* Startup Battlefield
* Crunchies
* Meetups
* International City Events
* Hackathon
* Include
* NFL’s 1ST and Future
* TC Davos 2016
* All Events
CrunchBase
____________________ (BUTTON)
(BUTTON)
Most Popular
Get Ready For A Smaller iPhone 6s Mini
4 hours ago by Romain Dillet
A Day After Launch, “Exploding Kittens” Tops The App Store
1 hour ago by Sarah Perez
Forthcoming Samsung Galaxy S7 Benchmarks Leak
11 hours ago by Natasha Lomas
Netflix Makes Good On Promises To Crack Down On VPNs, But Blocks
Are Short-Lived
5 hours ago by Sarah Perez
Why Cloud Computing Will Shake Up Security
2 hours ago by Tom Gillis
Apple Has A New Apple TV Ad, And It’s All About Apps
1 hour ago by Romain Dillet
SpaceX Tested Its Capsule That Will Send Humans To Space
1 hour ago by Emily Calandrelli
These Are The Most-Watched Vines Of The Year
5 hours ago by Jordan Crook
Google Reportedly Paid Apple $1B In 2014 To Remain Default Search
Engine On iOS
17 hours ago by Jon Russell