Behavior biometrics - The silent revolution in digital fingerprinting

•Download as PPTX, PDF•

0 likes•183 views

This document discusses behavior biometrics and TypeWATCH software. It summarizes that TypeWATCH uses behavior biometrics to monitor typing patterns to detect identity theft attempts and continually verify user identities. It does this without hardware by analyzing a user's typing as they use applications. TypeWATCH can be used by individuals, enterprises, and for websites to complement other security measures by adding a behavior biometric layer without interrupting users.

Technology

Behavior Biometrics
The silent revolution in
digital fingerprinting
Rui Melo Biscaia
Watchful Software

Some “house rules” on this Webinar
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 2
1
You are muted centrally.
You don’t need to mute/unmute yourself
2
This webinar is being recorded.
You’ll have access to it on-demand on www.watchfulsoftware.com
3
The Q&A session will be at the end.
You are welcomed to enter questions anytime, using the Questions feature
in the GoToWebinar control panel
Speaker
Rui Melo Biscaia
Director of Product Management & Strategic Accounts
Watchful Software

How secure are our Digital Identities?
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 3

How secure are our Digital Identities?
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 4

Behavior Biometrics in a nutshell
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 5
1 Monitors for identity theft attempts by means of analyzing typing patterns of users
2
Continually verifies users’ identities as they type during each windows session in an on-going
basis
3
Requiring no hardware, is a software only solution, that understands who the user is in less
than a tweet
4 Complements any Intrusion Detection System, or 2FA, by adding a behavior biometric layer
5 Works with any language, works with any app, works with any content
6 Runs in the background, transparent to the user, and never asking for dedicated text input
7
Delivers mitigation actions – Screenshot, Photo, Lock screen, E-mail, Text authentication
screen, etc…

Behavior Biometrics - Use Cases
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 6
 What if someone tries to
impersonate me send
emails or post on my
behalf?
 How can the system
tackle it and prevent that
from happening?
 What if a student allows
another person to take the
exam once he/she has
entered the login details?
 How can the system
identify that the student
taking the exam is actually
him/her and not someone
else?
 What if someone knows or
steals your login
credentials?
 How can the system
understand and react to
the fact that that the
person using the
computer is not you?
Is someone else logged in
my computer?
Is someone trying to
impersonate me in social
media?
Is someone cheating on
this online exam?

Passive Enrollment and Dynamic Profiling
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 7

11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 8
TypeWATCH is Behavior Biometrics

TypeWATCH: Product suite offer
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 9
4 Individuals WEB
 To the enterprise
 Managed centrally
 Enforcement of policies
 Security Roles & Levels
 Monitor alarms
 User based mitigation
actions
Enterprise

TypeWATCH Enterprise
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 10
 To the enterprise
 Managed centrally
 Enforcement of policies
 Security Roles & Levels
 Monitor alarms
 User based mitigation
actions
Enterprise

TypeWATCH Enterprise
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 11
 To the enterprise
 Managed centrally
 Enforcement of policies
 Security Roles & Levels
 Monitor alarms
 User based mitigation
actions
Enterprise

TypeWATCH Enterprise
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 12
 To the enterprise
 Managed centrally
 Enforcement of policies
 Security Roles & Levels
 Monitor alarms
 User based mitigation
actions
Enterprise

TypeWATCH: Product suite offer
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 13
 To end-users/mass
market
 Download and start using
it. No server.
 Freemium pricing model
 Also used for POCs and
demoing the product
4 Individuals WEBEnterprise

TypeWATCH for Individuals
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 14
 To end-users/mass
market
 Download and start using
it. No server.
 Freemium pricing model
 Also used for POCs and
demoing the product
4 Individuals

TypeWATCH: Product suite offer
11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 15
 To the enterprise
providing web-based
services
 Does not require a client
agent to be installed
 Applies to a website or
web platform
4 Individuals WEBEnterprise

Similar to Behavior biometrics - The silent revolution in digital fingerprinting

FRN combines the high quality, authoritative anti-fraud and audit content from the leading providers, AuditNet ® LLC and White-Collar Crime 101 LLC/FraudAware. The two entities designed FRN as the “go-to”, easy-to-use source of “how-to” fraud prevention, detection, audit and investigation templates, guidelines, policies, training programs (recorded no CPE and live with CPE) and articles from leading subject matter experts. FRN is a continuously expanding and improving resource, offering auditors, fraud examiners, controllers, investigators and accountants a content-rich source of cutting-edge anti-fraud tools and techniques they will want to refer to again and again. White-Collar Crime Fighter Newsletter Subscribe Now at No Cost! FraudResourceNet has made the premier Anti-Fraud newsletter, White-Collar Crime Fighter freely available to all. All this is required is to complete the registration form with your work email address! The widely read newsletter, White-Collar Crime Fighter brings you expert strategies and actionable advice from the most prominent experts in the fraud-fighting business. Every two months you'll learn about the latest frauds, scams and schemes... and the newest and most effective fraud-fighting tools, techniques and technologies to put to work immediately to protect your organization. When it comes to fraud, knowledge of the countless schemes, how they work and red flags to look for will help keep you, your organization and your clients safe. At FraudResourceNet we understand this and take great pride in providing our FREE White Collar Crime Fighter newsletter -- filled with exclusive articles and tips to provide the knowledge you need. Make sure you stay informed. Sign up for White Collar Crime Fighter newsletter and we’ll keep you up-to-date on special promos, training opportunities, and other news and offers from FraudResourceNet! Signing up is easy and FREE. If you have not already subscribed to our newsletter, please sign up to get started! Sign up for the White Collar Crime Fighter Newsletter (a $99 value ... now completely FREE)

Quick Response Fraud Detection

FraudBusters

How classification changes the way you look into corporate data

Watchful Software

If you think you’re safe because you have two-factor authentication protecting your applications and data, you might want to rethink your security strategy. While certain two-factor methods can be secure, others can be easily defeated leaving you vulnerable to attacks. Learn why simple two-factor authentication is not enough and what you can do to make sure you are protected. We'll present a new approach to authentication, which continuously analyzes risk-factors including, geo-location, behavioural biometrics and threat intelligence, to ensure your users are who they say they are.

Why Two-Factor Isn't Enough

SecureAuth

CPX 2016 Moti Sagey Security Vendor Landscape

Moti Sagey מוטי שגיא

Mobile workforces and apps have revolutionized a number of highly regulated industries. State and federal regulations, such as the Health Information Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX), and industry standards, such as the PCI Data Security Standard (PCI DSS) and OWASP Top 10, have evolved as a result. So how do you achieve compliance outcomes for mobile apps? *These slides accompany the webinar: https://youtu.be/mqIU5dDyHwM

Compliance in the mobile enterprise: 5 tips to prepare for your next audit

NowSecure

The State of Marketing Technology Today The State of Marketing Technology Today

Ghostery, Inc.

Recent Microsoft studies have demonstrated not everyone gets automated testing right; many enterprises still lack the know-how to achieve optimum results. Join our upcoming webinar on 5 Keys to your best Automated Testing Strategy. In this webinar, we will cover: Avoiding the Automation ‘Gotchas’ Visualizing end-to-end performance Predicting and solving performance issues …along with a live demo of SOASTA’s Mobile Functional Test with integrated device performance metrics.

5 Keys to Your Best Automated Testing Strategy

SOASTA

Cyber Security for Financial Institutions

Khawar Nehal khawar.nehal@atrc.net.pk

LSI Spring Agent Open House 2014

Ashlie Steele

Matteo meucci Software Security - Napoli 10112016

Minded Security

Cybersecurity Fundamentals for Bar Associations

NowSecure

Wearables Landscape 2015 - Sample Report

SlashData

Avcomparatives Survey 2011

Anatoliy Tkachev

Progressive Web Apps - Goto Chicago 2017

Christian Heilmann

OSB140: Want a Safer Network? You Can Remove Local Admin Rights with Ivanti A...

Ivanti

RightsWATCH Secure Collaboration with Azure RMS

Watchful Software

Mobile testing is getting harder—more devices, multiple operating systems, higher quality expectations, and shorter development cycles. How do you deal with these demands? In order to align mobile testing with product strategies and market goals, Tom Chavez says you first need to (1) know your users and how they will use your app. (2) Knowing the app and how users may actually be using it differently are key to testing to satisfy users—not the designers. (3) With test case matrices vastly larger than ever, prioritizing tests into “must-haves” and “nice-to-haves” is necessary to make the testing process manageable. With so many devices on the market, you have to (4) determine which are required for testing, which are optional, which to purchase, and which you might borrow or rent from a device cloud. Tom advises (5) how to know which tests to automate, which should remain manual, and (6) how back-end performance affects user experience. And finally, (7) know your edges. Learn the key strategies for mobile testing and this seven-step process with the tools you can use to deliver the testing to meet your project goals.

Seven Steps to Pragmatic Mobile Testing

TechWell

OWASP Mobile Top 10

NowSecure

56_Hackerschool.in_guestblog.docx

shallywarner

Access control is a key part of any physical security practice, but only if it is leveraged correctly. Join our security expert Steve Van Till, President and CEO of Brivo, and guest speaker/valued-Brivo customer Chad Thompson, CMO of LifeStyle Communities, to learn the most important measurements to take to improve physical security at your organization. What You Will Learn Five measurements to incorporate when creating a security strategy for access control Best practices to track and monitor visitors by location Learn how a fast-growing property management company uses a cloud-based access control mobile solution to save money and improve their overall residential experience.

Five Physical Security Measures Every Company Should Adopt

Brivo Inc.

Similar to Behavior biometrics - The silent revolution in digital fingerprinting (20)

Quick Response Fraud Detection

How classification changes the way you look into corporate data

Why Two-Factor Isn't Enough

CPX 2016 Moti Sagey Security Vendor Landscape

Compliance in the mobile enterprise: 5 tips to prepare for your next audit

The State of Marketing Technology Today The State of Marketing Technology Today

5 Keys to Your Best Automated Testing Strategy

Cyber Security for Financial Institutions

LSI Spring Agent Open House 2014

Matteo meucci Software Security - Napoli 10112016

Cybersecurity Fundamentals for Bar Associations

Wearables Landscape 2015 - Sample Report

Avcomparatives Survey 2011

Progressive Web Apps - Goto Chicago 2017

OSB140: Want a Safer Network? You Can Remove Local Admin Rights with Ivanti A...

RightsWATCH Secure Collaboration with Azure RMS

Seven Steps to Pragmatic Mobile Testing

OWASP Mobile Top 10

56_Hackerschool.in_guestblog.docx

Five Physical Security Measures Every Company Should Adopt

Recently uploaded

Tata AIG General Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

This presentation explores the impact of HTML injection attacks on web applications, detailing how attackers exploit vulnerabilities to inject malicious code into web pages. Learn about the potential consequences of such attacks and discover effective mitigation strategies to protect your web applications from HTML injection vulnerabilities. for more information visit https://bostoninstituteofanalytics.org/category/cyber-security-ethical-hacking/

HTML Injection Attacks: Impact and Mitigation Strategies

Boston Institute of Analytics

Real Time Object Detection Using Open CV

Khem

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

A Domino Admins Adventures (Engage 2024)

Gabriella Davis

Scaling API-first – The story of a global engineering organization

Radu Cotescu

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

Increase engagement and revenue with Muvi Live Paywall! In this presentation, we will explore the five key benefits of using Muvi Live Paywall to monetize your live streams. You'll learn how Muvi Live Paywall can help you: Monetize your live content easily: Set up pay-per-view access to your live streams and start generating revenue from your content. Increase audience engagement: Provide exclusive, premium content behind the paywall to keep your viewers engaged. Gain valuable viewer insights: Track viewer data and analytics to better understand your audience and tailor your content accordingly. Reduce content piracy: Muvi Live Paywall's security features help protect your content from unauthorized distribution. Streamline your workflow: The all-in-one platform simplifies the process of managing and monetizing your live streams. With Muvi Live Paywall, you can take control of your live stream monetization and create a sustainable business model for your content. Learn more about Muvi Live Paywall and start generating revenue from your live streams today!

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams

Roshan Dwivedi

Recently uploaded (20)

Tata AIG General Insurance Company - Insurer Innovation Award 2024

How to Troubleshoot Apps for the Modern Connected Worker

A Year of the Servo Reboot: Where Are We Now?

Boost PC performance: How more available memory can improve productivity

Why Teams call analytics are critical to your entire business

Artificial Intelligence Chap.5 : Uncertainty

Powerful Google developer tools for immediate impact! (2023-24 C)

HTML Injection Attacks: Impact and Mitigation Strategies

Real Time Object Detection Using Open CV

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Automating Google Workspace (GWS) & more with Apps Script

Boost Fertility New Invention Ups Success Rates.pdf

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Artificial Intelligence: Facts and Myths

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

A Domino Admins Adventures (Engage 2024)

Scaling API-first – The story of a global engineering organization

Axa Assurance Maroc - Insurer Innovation Award 2024

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams

Behavior biometrics - The silent revolution in digital fingerprinting

1. Behavior Biometrics The silent revolution in digital fingerprinting Rui Melo Biscaia Watchful Software

2. Some “house rules” on this Webinar 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 2 1 You are muted centrally. You don’t need to mute/unmute yourself 2 This webinar is being recorded. You’ll have access to it on-demand on www.watchfulsoftware.com 3 The Q&A session will be at the end. You are welcomed to enter questions anytime, using the Questions feature in the GoToWebinar control panel Speaker Rui Melo Biscaia Director of Product Management & Strategic Accounts Watchful Software

5. Behavior Biometrics in a nutshell 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 5 1 Monitors for identity theft attempts by means of analyzing typing patterns of users 2 Continually verifies users’ identities as they type during each windows session in an on-going basis 3 Requiring no hardware, is a software only solution, that understands who the user is in less than a tweet 4 Complements any Intrusion Detection System, or 2FA, by adding a behavior biometric layer 5 Works with any language, works with any app, works with any content 6 Runs in the background, transparent to the user, and never asking for dedicated text input 7 Delivers mitigation actions – Screenshot, Photo, Lock screen, E-mail, Text authentication screen, etc…

6. Behavior Biometrics - Use Cases 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 6  What if someone tries to impersonate me send emails or post on my behalf?  How can the system tackle it and prevent that from happening?  What if a student allows another person to take the exam once he/she has entered the login details?  How can the system identify that the student taking the exam is actually him/her and not someone else?  What if someone knows or steals your login credentials?  How can the system understand and react to the fact that that the person using the computer is not you? Is someone else logged in my computer? Is someone trying to impersonate me in social media? Is someone cheating on this online exam?

9. TypeWATCH: Product suite offer 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 9 4 Individuals WEB  To the enterprise  Managed centrally  Enforcement of policies  Security Roles & Levels  Monitor alarms  User based mitigation actions Enterprise

10. TypeWATCH Enterprise 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 10  To the enterprise  Managed centrally  Enforcement of policies  Security Roles & Levels  Monitor alarms  User based mitigation actions Enterprise

11. TypeWATCH Enterprise 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 11  To the enterprise  Managed centrally  Enforcement of policies  Security Roles & Levels  Monitor alarms  User based mitigation actions Enterprise

12. TypeWATCH Enterprise 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 12  To the enterprise  Managed centrally  Enforcement of policies  Security Roles & Levels  Monitor alarms  User based mitigation actions Enterprise

13. TypeWATCH: Product suite offer 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 13  To end-users/mass market  Download and start using it. No server.  Freemium pricing model  Also used for POCs and demoing the product 4 Individuals WEBEnterprise

14. TypeWATCH for Individuals 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 14  To end-users/mass market  Download and start using it. No server.  Freemium pricing model  Also used for POCs and demoing the product 4 Individuals

15. TypeWATCH: Product suite offer 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 15  To the enterprise providing web-based services  Does not require a client agent to be installed  Applies to a website or web platform 4 Individuals WEBEnterprise

16. 6 (tech) reasons why TypeWATCH 11/16/2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 16 Precise Delivers 98% plus accuracy and makes it virtually impossible to mimic another person's typing pattern Persistent Constantly assesses typing samples against a legitimate user’s stored dynamic pattern Dynamic Offsets tiredness, switching and or sharing of computers / keyboards, mood, influence of alcohol and medications, etc, and sets individual thresholds to every user to increase performance Simple There is no special hardware needed as with other biometrics – a standard keyboard is sufficient Safe Data verification is provided between the input (keyboard) to the matching algorithm (even with remote desktop typing) Auditable An intruder can be identified by means of matching the typing sample against the profile database.

17. Behavior Biometrics The silent revolution in digital fingerprinting Rui Melo Biscaia Watchful Software

Editor's Notes

As long as the session remains active, typical systems incorporate no mechanisms to verify that the user originally authenticated is the user still in control of the keyboard. Thus unauthorized individuals may improperly obtain extended access to information system resources if a password is compromised or if a user does not exercise adequate vigilance after initially authenticating at the console.
As long as the session remains active, typical systems incorporate no mechanisms to verify that the user originally authenticated is the user still in control of the keyboard. Thus unauthorized individuals may improperly obtain extended access to information system resources if a password is compromised or if a user does not exercise adequate vigilance after initially authenticating at the console.
Example Use case #1. Legitimate user is attempting to log in to his/her enterprise resources. The user provides valid credentials, and other risk checks have been verified (device recognition was checked, threat service is known, request is coming from a known location, no improbable travel event has occurred, and identity looks legit compared to our identity store). But if the user’s behavioral biometric profile doesn’t match the profile of record for the legitimate user Example Use case #2. Legitimate user fails to log oﬀ before leaving for lunch. An attacker sits down at that workstation and tries to view sensitive data that the legitimate user has access to. But because the attackers’ typing sequences do not match the legitimate user’s behavioral biometric profile, Keystroke Dynamics may invoke multi-factor authentication, thwarting the attacker and keeping the sensitive data safe
Flexible (passive) Enrolment and Roll-out Provides immediate or gradual enrolment Can be gradually or instantaneously deployed to the any number of users of users Profiling, Enrollment and Persistent Identity Validation The user is not required to type dedicated text nor to use dedicated application The system is ready to start, on it has gathered enough typing rhythms to built a first reliable biometric profile The profile is built dynamically and is constantly being updated Profile theft and reproduction are not a threat as Keystroke identifiers and information are: Stored as a hash value Masked before hashing Unique to each user Sent to the server in large chunks of data With no regard to the sequence they were originally typed Accuracy Marginal false acceptance rate Increases strength with every successful login Continuous security post-login (inside the perimeter) Does not register what is being typed. Only unique typing rhythms: Dwell times - time elapsed with a key pressed down; Flight times - time elapsed on the travel between consecutive keys
TypeWATCH, an e-biometric solution that continuously authenticate and detect possible intrusions.
Directed to enterprise customers Deployed centrally and allows for fine-grained management and enforcement of policies Supports Centralized Management and Monitoring Management of Users Assignment of Security Roles and Licenses Definition of security levels Control end-users allowed actions Reset user’s biometric profile centrally Monitoring Monitor alarms for each user Search for user actions/alarms and get details over the alarm
Administration Console monitoring tab example with: Alarms of each user; Search option; Alarm details including photo and screenshot.
Special actions can be selected: E-mail received by the user right after the intrusion detection contains the alarm details including photo and screenshot; After each alarm the workstation is locked and password authentication is requested. After authentication by password, the user workspace is locked again but now by the text authentication screen asking to the user to write free text in order to be authenticated by the way he types.
Directed to end-users/mass market Any windows user can download and install TypeWATCH and start using it in a matter of minutes Will be delivered initially as freemium/shareware and a paying version will come in the future Works as a stand-alone app on any windows computer Allows users to monitor and adapt security settings locally Users are able to verify what alarms where detected and when User are able to adapt their profile strictness level and hence the algorithm sensitivity May also be used for Proof of Concept/Demoing the product/algorithm

Behavior biometrics - The silent revolution in digital fingerprinting

Recommended

Recommended

More Related Content

Similar to Behavior biometrics - The silent revolution in digital fingerprinting

Similar to Behavior biometrics - The silent revolution in digital fingerprinting (20)

More from Watchful Software

More from Watchful Software (12)

Recently uploaded

Recently uploaded (20)

Behavior biometrics - The silent revolution in digital fingerprinting

Editor's Notes