BehavioMetric Protection Suite



This project’s BehavioMetric Protection Suite is an end to end solution covering the basic login, account recovery and fraud prevention. It utilizes the unique way users interacts with their mobile device and analyzes the data collected from the phone’s sensors using machine learning techniques. The data includes finger gestures, pressure, device tilt and more and is used to build a profile based on physiological, behavioral, and mental characteristics. This project enables users to safely access their accounts and perform high risk transactions without memorizing passwords and without compromising their privacy, since they do not provide sensitive data like fingerprints, face or iris.

In recent years, biometric application scenarios have become increasingly rich, coming into a stage of rapid development. And the biometrics market is expected to maintain rapid growth in the future. It is estimated that by 2020, the global biometrics market will exceed $25 billion, and the domestic market will exceed ¥30 billion. Although biometric technology is developing at a very high speed, relevant negative reports are under rising. Such as, Samsung Galaxy S8 iris scanner fooled by German hackers; Cybersecurity firm claims to have beaten the iPhone X's Face Id technology using a $150 mask; 5.6 million fingerprints stolen in U.S. personnel data hack; 130 million at risk of fraud after massive leak of Indian biometric system data.


Technology Introduction

Problems with current technologies 

Passwords: Hard to memorize

Tokens: High maintenance cost, easily transferred

One time password: Known to be insecure, high operating cost

Knowledge Questions: Easily hacked using social engineering

Biometrics:

  • Bound to Device:Uses sensitive data that are stored on the device, requires specific hardware
  • Address Limited Use-Cases:No support for cross device use cases such as account recovery
  • Easily Copied Visible Features:Fingerprints can be copied from surfaces, facial data using cameras
  • Privacy and Compliance Issues: Uses non-revocable data, does not require user consent

This Technology

This project provides biometric one-time password solution, and has a US patent. It phone’s sensors collect data including finger gestures, pressure, device tilt and more and is used to build a profile based on physiological, behavioral, and mental characteristics, and machine learning techniques will continuously learn on users’ every attempt. This solution will not compromise users’ privacy, since they do not provide sensitive data like fingerprints, face or iris. By using this technology, user can safely access their accounts and perform high risk transactions through handwriting random characters on mobile. Users can enroll his/her account around 30s, and the user verification only takes 4s. This project has established cooperation relationship with about 28 enterprises including Intel, HP etc.


Technology Advantage

MAXIMIZE TRANSACTIONS

Improved verification to match the risk level, without the need to memorize passwords, increasing customer satisfaction and reducing friction

MINIMIZE FRAUD

Based on non-transferable features such as finger movement and pressure. Random challenge at each verification prevents imitation and replay attacks

REDUCE MAINTENANCE COST

Reduce operational cost by cutting down the number of helpdesk calls linked to password resets, lower cost of ownership compared to expensive OTPs and tokens

GDPR COMPLIANCE

Does not utilize sensitive biometric data, requires user consent in verification process. Based on revocable data in case of identity theft or data leakage

SCALABLE SECURITY

Verification process is customized to match between the effort required from the user and the current risk level, to provide the ultimate user experience

DEVICE AGNOSTIC

Solution is completely agnostic to the device model, is not bound to a specific device, supports both client and server based verification


Market Size

Multi-Factor Authentication (15% CAGR)

Mobile Biometrics for banking/payments (32% CAGR)


Project Need

This project aims to raise $2 Million, 15% will used for G&A, 10% for PS, 20% for S&M, 55% for R&D.