FB pixel

Entrust Datacard building out continuous authentication capabilities

 

The ability to continuously authenticate a user during a session is a major opportunity for financial and banking companies with mobile customers, says Entrust Datacard global vice-president of authentication Ryan Zlockie. Entrust Datacard will make announcements related to continuous authentication at RSA 2017 and in March, the later related to biometrics, Zlockie told Biometric Update in an exclusive interview.

“A lot of things are changing with the banks, that are really putting authentication even more front and center,” Zlockie says.

As banking changes to an omnichannel, self-service, digital user experience, the importance of maintaining security for the duration of a session is moving the industry away from event-based security. Financial companies are turning instead to continuous authentication, which Zlockie says Entrust Datacard is strongly positioned to help them do, having built a solution based on its proprietary adaptive analytics engine.

Entrust Datacard collects data from as wide a range of source as possible, including behavioral biometrics, device identification, and others, including other biometrics. The approach allows unusual usage to trigger a step-up of security measures, including requests for user authentication, while reducing their need when the balance of factors indicates that the session is secure and low-risk.

“Behavioral is typically thrown out there for continuous. For us, behavioral is not only a continuous play. It’s also for whenever we want to do any type of repudiation, when we use a very strong credential form, to climb up with some behavioral stuff leading up to that. That gives you your most secure transaction.”

Zlockie says that continuous authentication alters the balance can be achieved with between strong security and user experience. “Now you can push strong security down to the masses without making them feel like they’re productivity’s being impacted by security.”

This not only improves user experience, it provides defense against man-in-the-middle style attacks, or use of stolen credentials, which remain one of the main attack vectors for costly security breaches.

Entrust Datacard uses fingerprint as its strong mode of verification for continuous authentication currently, but Zlockie is bullish on the potential of facial and particularly iris recognition.

“It’s not about single factor versus multifactor. That’s a dated conversation. We should be moving into the world of the right user experience, using pattern analysis and biometrics. Face recognition could have a place in continuous eventually, because you can do it behind the scenes and still have it be transparent to the user, although it’s not in the mainstream of continuous conversations today.”

Entrust Datacard provides the adaptive engine that powers its continuous authentication service, and is focused on integrating the technology seamlessly with customers’ applications, while technology specific to biometrics is provided by its partners. “Our biometric partners are a key strategic area of our solution,” Zlockie says. He also reveals that the company will make an announcement in March related to the biometric technology backing its continuous authentication.

While that may involve facial or iris recognition, Zlockie says Entrust Datacard is also continuing to build on its behavioral capabilities.

Entrust Datacard is positioned to secure mobile banking and other security-conscious markets by moving from security based on static events, rules, and policies to continuous security leveraging the new predictive and self-learning powers of advanced computing. The company’s upcoming announcements could move continuous authentication closer to mainstream security practice, significantly impacting companies delivering mobile services, along with potential partners in the biometrics industry.

Article Topics

 |   |   | 

Latest Biometrics News

 

TSA wants to delay full enforcement of REAL ID another two years

The US Transportation Security Administration (TSA) has proposed to delay full enforcement of REAL ID for Americans until 2027, but…

 

DEA to make award for biometric-enabled polygraph

The U.S. Drug Enforcement Administration (DEA) announced it intends to negotiate and issue a sole-source firm fixed price award to…

 

Low birth registration, high cost hinder access to legal ID in Sub Saharan Africa

While the need for legal and digital ID remains ever pressing as a result of the digital transformation wind blowing…

 

Biometric authentication invaluable, set to further enhance security in Africa

A webinar held during the Digital ID Hackathon for Africa organized by Upanzi Network and Microsave Consulting in partnership with…

 

Saudi Arabia’s Absher boosts digital ID delivery, financial inclusion

The Absher platform in the Kingdom of Saudi Arabia has emerged as the core pillar of the country’s efforts towards…

 

Malawi begins biometric voter registration pilot to test new system

A trial voter registration process will begin in Malawi tomorrow September 13 to put the country’s new Electoral Management Device…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events