Biometría comportamiento_Blog

What is behavioural biometrics and how does it work?   

Behavioural biometric technology is a high-precision technology used to authenticate users based on their behavioural patterns. It recognises unique and individual characteristics in the way people type and relate to their mobile devices or computers, making it easier to accurately identify users.   

Digital identification using behavioural biometrics is as unique to each person as their fingerprints are. This technique enables you to verify the identity of a user quickly and accurately in different sessions and maintain continuous verification of their identity in the same session.  


Continuous verification through behavioural biometrics  

Detection of any anomalous or unusual behaviour during a user’s session may be an indication that someone is attempting to impersonate them or that an attempted fraud, attack, or security breach is occurring.  In its 2023 Cost of a Data Breach Report, IBM stated that “only 28% of organisations extensively used artificial intelligence and security automation in their operations, therefore many organisations have a significant opportunity to improve their speed, accuracy, and efficiency.” As a solution to the risk of a digital identity data breach, IBM proposed “AI-driven data identity and security solutions as they can help drive a proactive security posture by identifying high-risk transactions, protecting them with minimal user friction, and detecting suspicious behaviour more effectively.” 

The Zero Trust Identity paradigm updates the authorisation process from the well-known Multi-Factor Authentication (MFA) to a Continuous Adaptive Trust (CAT) authentication method, allowing continuous identity verification through behavioural biometrics. The infrastructure learns from behaviour patterns, obtaining useful information on the functioning of the entire ecosystem in real time, dynamically and continuously evaluating and managing the risks entailed in each access or transaction. This process is considered zero trust, rather than a static or unique authentication method. 

The use of ML (Machine Learning) or AI (Artificial Intelligence) based engines allows the collection and analysis of ecosystem information such as credentials, location, device metrics, network connection and transactions, among other information. 


Implementing Facephi’s Behavioural Biometrics 

The system gathers various parameters through behavioural biometrics, such as how a user interacts with a device, layers of behavioural analysis, or when, from where, and which the user accesses. It also provides device and network information, including all associated data used to access a protected website or mobile app server.  

The result is a “cyber-DNA” profile built using various parameters about the user’s context based on behavioural biometrics, behavioural analysis and device profiles, network data, geolocation, malware patterns and other threat intelligence data. In as few as two interactions and a matter of milliseconds, you can identify the real person behind each user with >99% accuracy. It also detects anomalies, rates risks and generates alerts, allowing companies to easily configure the system to control fraud cases automatically.  

Behavioural biometrics from Facephi uses a hybrid AI system that draws on deep learning algorithms under expert supervision. The system is designed to detect suspicious usage patterns, without the need to know the user’s biometrics. This ability helps prevent the opening of fraudulent accounts during the onboarding process by detecting dubious behaviours such as changes in typing, changes in focus on the screen or abnormal response times.