August 5, 2019

How Does Anyone Know You Are You In Cyberspace?

You know who you are; at least what your birth certificate and parents have told you. You probably have countless other forms of identification from social security cards to a driver’s license, from work badges to passports. You use all of these forms of identification to authenticate you to specific resources such as driving, getting into a bar or leaving the country. But you can’t use your driver’s license or passport to authenticate you into MS Office or the Google Suite.

Who Are You In Cyberspace

In cyberspace, you create a digital identity usually with a login and password at a minimum and with some form of multifactor authentication (i.e. fingerprint, face scan, sms code) at best. So, the only way to gain access to the greater than 2 million apps now available to enrich your life, make you more productive, or just provide a fun way to pass the time is to define a digital credential and then safeguard it from cybercriminals. For a quick reminder of how your identity is authenticated in cyberspace, please check out this blog titled “The Evolution of Identity Authentication”.

But, given the popularity of shows like Ready Player One and Catfish, you probably also know that your identity in cyberspace can be rather fluid and completely susceptible to someone else hijacking it or even out right stealing it for their own use.

But Your Identity Is Constantly Under Attack

Your login credentials have been compromised. Your passwords have been hacked no matter how complex you’ve made them. Two-factor security is temporal, causes high friction and can be easily intercepted during transmission.

Current multi-factor authentication (MFA) security solutions lack context and rely on too few attributes. Your biometrics are binary, and regardless of how safe a fingerprint or retina scan appears to be, it can be spoofed and cannot be reset, ever. And, there are few, if any, solutions that continuously validate your identity post-authentication. 

Bottomline, as stated above, is that we live in an age where every credential is persistently under attack, so now it is just a matter of continuously authentication based on something that can’t be faked in order to develop your identity access management strategy effectively.

Continuous Behavioral Authentication

Acceptto was the first to understand, develop and deliver continuous authentication. Our company was built on the foundation that the only way to ensure digital credentials are being used only by the person who those credentials represent and not some imposter or someone hijacking a device correctly authenticated by that person. More importantly we recognized that the only immutable credential would have to be based on the unique behaviors of each individual.

Acceptto’s eGuardian engine continuously creates, and monitors user behavior profiles based on the user interaction with the It’sMe authenticator. Every time an activity occurs, actionable intelligence is gathered and used to optimize the user profile. eGuardian is capable of autonomously and continually learning new policies and adapting existing ones. While policies can still be manually defined and contribute to the computation, our Biobehavioral AIML approach automatically finds the optimal policy for each transaction. eGuardian leverages a mixture of AI & ML, expert systems and SMEs to classify, detect, and model behavior, and assign real-time risk scores to continuously validate your identity prior to, during and post-authentication.

 

Watch our latest webcast entitled “Behavioral Authentication: What can it do for you” today and then check out what Acceptto can do to ensure your employees, partners and customers can authenticate without passwords and still ensure security and privacy registering for a free demo today.

 

multi factor authentication identity and access management system continuous biobehavioral authentication