Cognitive biometrics can help strengthen Citibank’s patented device binding solution
In his Infosecurity Magazine opinion piece, BioCatch founder Avi Turgeman explains how cognitive biometrics can complement CitiBank’s recently patented device binding solution by providing an extra layer of risk analysis and security.
The report comes a few weeks after Citibank announced it received a new patent for a technology that enables banking customers to bind a device to a specific online account to eliminate user login and authentication.
As a result, banking customers will no longer have to type their username and password to access various services if they are using the same device, no matter where they are located.
The device binding solution works by, “using a processor of a back-end server, a computing device with a customer’s profile via at least one attribute of the computing device and an encrypted token stored on the computing device,” according to the patent.
Turgeman explains how the patented technology has a few setbacks, the most notable being that it only covers low risk activities such as checking an account balance. As a result, customers will not be able to use the technology for money transfers and other high-risk actions.
Additionally, the technology cannot be used to login from new devices, nor it can be used to help detect malware.
Cognitive biometrics can be used in concert with device binding to enable “banks to reduce friction while protecting their customers, and ensuring that protection is maintained on-the-go and with any device,” Turgeman writes.
“By transparently authenticating users in web, cloud and mobile apps, cognitive biometrics can verify that current session behavior matches an established user profile created from previous activity including actions such as how the user holds and touches a mobile device and interacts with an online site,” Turgeman writes. “Since each user will have a distinct biometric signature, which cannot be duplicated by anyone else or by any automated process, fraud detection is more accurate and user friction is reduced.”