This project’s BehavioMetric Protection Suite is an end to end solution covering the basic login, account recovery and fraud prevention. It utilizes the unique way users interacts with their mobile device and analyzes the data collected from the phone’s sensors using machine learning techniques. The data includes finger gestures, pressure, device tilt and more and is used to build a profile based on physiological, behavioral, and mental characteristics. This project enables users to safely access their accounts and perform high risk transactions without memorizing passwords and without compromising their privacy, since they do not provide sensitive data like fingerprints, face or iris.
In recent years, biometric application scenarios have become increasingly rich, coming into a stage of rapid development. And the biometrics market is expected to maintain rapid growth in the future. It is estimated that by 2020, the global biometrics market will exceed $25 billion, and the domestic market will exceed ￥30 billion. Although biometric technology is developing at a very high speed, relevant negative reports are under rising. Such as, Samsung Galaxy S8 iris scanner fooled by German hackers; Cybersecurity firm claims to have beaten the iPhone X's Face Id technology using a $150 mask; 5.6 million fingerprints stolen in U.S. personnel data hack; 130 million at risk of fraud after massive leak of Indian biometric system data.
Problems with current technologies
Passwords: Hard to memorize
Tokens: High maintenance cost, easily transferred
One time password: Known to be insecure, high operating cost
Knowledge Questions: Easily hacked using social engineering
This project provides biometric one-time password solution, and has a US patent. It phone’s sensors collect data including finger gestures, pressure, device tilt and more and is used to build a profile based on physiological, behavioral, and mental characteristics, and machine learning techniques will continuously learn on users’ every attempt. This solution will not compromise users’ privacy, since they do not provide sensitive data like fingerprints, face or iris. By using this technology, user can safely access their accounts and perform high risk transactions through handwriting random characters on mobile. Users can enroll his/her account around 30s, and the user verification only takes 4s. This project has established cooperation relationship with about 28 enterprises including Intel, HP etc.
Improved verification to match the risk level, without the need to memorize passwords, increasing customer satisfaction and reducing friction
Based on non-transferable features such as finger movement and pressure. Random challenge at each verification prevents imitation and replay attacks
REDUCE MAINTENANCE COST
Reduce operational cost by cutting down the number of helpdesk calls linked to password resets, lower cost of ownership compared to expensive OTPs and tokens
Does not utilize sensitive biometric data, requires user consent in verification process. Based on revocable data in case of identity theft or data leakage
Verification process is customized to match between the effort required from the user and the current risk level, to provide the ultimate user experience
Solution is completely agnostic to the device model, is not bound to a specific device, supports both client and server based verification
Multi-Factor Authentication (15% CAGR)
Mobile Biometrics for banking/payments (32% CAGR)
This project aims to raise $2 Million, 15% will used for G&A, 10% for PS, 20% for S&M, 55% for R&D.