Next Generation of Cyber Security: Behavior Based Security System
This post is also available in: 
עברית (Hebrew)
Security leaks have reached an all-time high these days, and are causing great concern among financial advisors, business owners and consumers. Nowadays there are ways to deal with this problem and prevent cyber criminals from getting the information they’re looking for, or at least make it harder for them. You could get the very best and newest security software or teach consumers and employers to keep better security on their login details to computers and internet sites.
These methods do make sense but are inherently flawed. There’s always the difficulty or making sure that all employees in a certain company will follow strict security instructions. Even if you give a fiery speech on the importance of “strong” passwords, there will always be at least one person in the room that would still be using “password123”, which is just the type of weak link a hacker is looking for in order to access the system.
Another problem is the constant progress in security and encryption systems. There is a behavioural pattern in the cyber security field, characterized in recurring attempts to outdo the opponent and to always stay one step ahead. In other words, computer security personnel will always come up with new protections and cyber criminals will always find breaches in the new defense softwares. So all the progress in cyber security field could serve us, but only for a limited time, and therefore, improving the cyberspace firewalls could never lead to a complete victory that crushes all cyber attacks once and for all.
Despite of this pessimistic note, it seems feverish minds have come up with an alternative method. Instead of continuing to focus on stopping cyber criminals by putting up all sorts of firewalls, new technologies were developed in order to detect said criminals red handed – Which is exactly what BioCatch company was able to do. The company developed a technology that recognizes users’ behavior patterns on certain computer applications and, according to that data, creates a usage profile on that computer.
How does it work? Each user has more or less recurring patterns of using the computer. You must move the marker in a certain way, type at a more or less fixed speed or hit the keys with a specific force. According to those characteristics and more, BioCatch can decide whether the person using your identification details really is you. It’s rather similar to the security service offered to us by banks, when each time we use our credit card from an unusual location, say from out of the state, someone from the bank will call or send a message to make that it really is us who used it.
Should the software detect a different pattern of typing or browsing, for example, the system makes the user provide extra verification in order to keep surfing. The main weakness of this software is that fact that human behavior isn’t always consistent. After a long day of work you probably type a little slower and that means the system could get the pattern wrong and lock your account. It’s also needless to say that following users’ behaior online must be more coomplicated than building another new security program. In spite of the faults, however, we’re probably expected to see many more services and products of this kind in the coming years.
