Biometric authentication is popular because of the security offered. However secure a system would be, hackers and criminals try their best to gain access. The risks posed by cybercriminals has led to innovations in biometric authentication. One of the ways to minimize fraud is by understand behavior of users.

Behavioral biometrics

The psychology of biometric authentication involves a close understanding of user behavior while using biometrics. This is known as behavioral biometrics. It makes use of machine learning to analyze the activity of users to try and detect suspicious behavior. Whenever any such anomalous behavior is detected, it can be flagged for further action.

Behavioral biometrics looks for patterns in activities done by humans. These can include the following:

  1. Mouse activity: The use of the mouse, speed, pattern of movement, and scroll preferences can be monitored.
  2. Keystroke: The use of the keyboard can be monitored. Typing speed, use of shortcuts, and use of advanced keys can be monitored.
  3. Touchscreen: The way in which touchscreen is used as in pressure, press size, and press area are monitored.
  4. Device: In the case of mobile devices, orientation, use of gyro, and scrolling can be monitored.
  5. Gait: The walking pattern like length of the stride, speed of movement, and posture can be monitored.
  6. Voice: Where voice commands are used, the pitch variation, rhythm, and pauses can be tracked.
  7. Location: The location the user visits frequently can also be monitored.

All the above would have to understand user behavior. Software can track these parameters in the background to identify a user. If there are changes in any of these patterns, it could be due to someone else using the system/device. This would be flagged as an anomaly and further action can be taken as per policies.

Use cases

Some use cases for behavioral biometrics are:

  • It can be used by banks in account opening. There are many instances of opening by accounts by using stolen identities. Understanding user patterns can help understand if the real user is opening the account or someone using a stolen identity.
  • Takeover of accounts by hackers or cyber criminals can be prevented. Software with behavioral biometrics can detect if someone else is impersonating the user. This can be flagged. In such a situation, additional authentication can be demanded from the user. This would help in preventing fraud.
  • Access control systems can use behavioral biometrics to regulate access and prevent unauthorized access.

The article was authored by Bahaa Abdul Hadi and has been published by the editorial board of the Identity Herald. For more information please visit www.identityherald.com