Behavioral biometrics that uses machine learning is behind new features being added to IBM’s Trusteer Pinpoint Detect platform, which financial institutions use to head off crooks who may have stolen the username and password of legitimate account holders.
The new feature looks for anomalies between legitimate users’ normal mouse gestures and those of the current user, and over time refines the accuracy of its analysis, says Brooke Satti Charles, Financial Crime Prevention Strategist for IBM Security.
That analysis creates a risk score that banks can use to decide whether an ongoing transaction is fraudulent and trigger an alert. The institutions have to decide what to do about the alerts, but they could cut off the transaction or require further ID before the customer is allowed to continue, she says.
The platform already checks the geolocation and IP address of customers as they login in order to detect fraudulent use, and behavior biometrics is an enhancement. The new feature is based on technology developed with Ben-Gurion University’s IBM Cyber Security Center of Excellence. It builds what are called gesture models based on the recurring, subtle patterns of mouse movements and clicks.
The technology adds a layer of authentication – something the user does - to existing multifactor authentication such as something a user has and something a user knows.
Behavior biometrics will be added to existing Trusteer Pinpoint Detect customers Dec. 2 as an upgrade and will ship with new orders later in December as part of the standard package.