Password Problem - Solved!
Download as PPTX, PDF1 like503 views
Intensity Analytics has developed a new biometric authentication solution called TickStream and KeyID that recognizes users by their unique typing characteristics without capturing or storing any personal information. This provides strong authentication through behavioral biometrics rather than passwords or other alternatives that have security flaws. The solution recognizes users from both known and unrestricted text entry on any device and outperforms other biometrics in security, privacy, usability, and cost. It can be used for authentication, fraud detection, and software license management.
Password Problem - Solved!
- 1. Password Problem – SOLVED! An entirely new approach to security: Know who is there by how they type
- 2. A BIG Problem … Passwords are ineffective Passwords are valuable targets Password alternatives are breached Solutions hacked Fingerprint biometrics @ geek.com Mar 2011 – Comodo Certs Sep 2011 – DigiNotar Certs Mar 2011 – RSA SecurID Social Media Sites hacked Mar 2013 – 50M Passwords Jun 2012 – 6.5M accounts Feb 2013 – 250k passwords Retailers hacked Nov-Dec 2013 – 110M accounts May 2014 – 145M accounts Jan 2014 – 1.1M accounts
- 3. How We Solve It my username my password my valuable data $
- 4. Our Solution A new biometric approach to security… Recognize users typing characteristics … • Known text (e.g., passwords) • Unrestricted text (e.g., e-mail) • Activities on the desktop (foreground / background) … without capturing any content
- 5. Our products answer … is it them? is it still them? when is it occurring? what are they doing? where are they? combined - context-aware, strongly authenticated computing what else is going on? TickStream® ActivityTickStream® KeyID
- 6. Our Edge Strong authentication and awareness with … • Nothing to remember • No personally identifiable information (PII) • Nothing to carry around • Nothing to be shared • Nothing to maintain • UNIQUE biometrics – (ours can be changed or withdrawn) Products Attributes security no memory no PII no equipment no maintenance low cost easy to use Intensity Analytics Passwords Tokens Fingerprints Facial recognition Good Okay Poor Comparison
- 7. The Factors of Authentication Security is based on the presentation of evidence of identity when the user attempts to sign in: Knowledge factor: something you know Ownership factor: something you have Inherence factor: something you are What we add is new: Behavioral factor: something you do TickStream.KeyID makes it possible for the computer to observe how you behave in a well-defined context – passively through your keyboard as you enter your username and password.
- 8. Benefits over existing solutions • Security – More difficult to impersonate than other biometrics – helps defeat replay attacks – It's not a "copy" that can be duplicated, but rather behavior that has to be performed in real-time – Can discern input from the keyboard vs. malware – helps defeat key-loggers and other types of malware – All data is encrypted - Network traffic via SSL & at-rest data via AES-256 • Privacy – No Personally Identifiable Information (PII) is generated or stored • Implementation – Transparency - quickly add a biometric factor to existing password-based systems – Flexibility - tune to the appropriate level of security depending on the assets being protected – Application agnostic - no training required to identify specific application details, patterns, etc. – Broad platform support - native Windows applications or any web application regardless of platform – No OEM or open source components – 100% our IP – Enterprise scalability and simple component design • Usability – Frictionless - people just keep working as usual – minimize negative impact to user experience – Uses ubiquitous hardware – no need for specialized readers or scanners – Improved user experience - reduce password complexity rules and forced password expiration
- 9. Use Cases • Authentication – Web applications – VPN access – Use as multi-factor authentication – Password self-service (without using PII): eliminate password reset calls to help desk • Constant Validation – Authenticate all transactions within a session – Strong non-repudiation (biometric digital signature – prove the negative) – Detect when unauthorized personnel access an open system • Fraud Detection and Monitoring – Detect when users change (keyboard & password sharing, license violations) – Identify and differentiate multi-user access to generic and role accounts – Automate detection of breached accounts • Software License Management – Eliminate shared credentials – Identify unused licenses
- 10. The Competition Fingerprint Tokens Cell phones One-time codes Hardware- based biometrics Passwords Popular alternatives Widely used Unpopular alternatives Gaining traction ● 3M Cogent, Inc ● Aware, Inc ● BIO-key International, Inc ● Cross Match Technologies, Inc ● DigitalPersona, Inc ● Fujitsu Ltd ● Lumidigm, Inc ● M2SYS LLC ● NEC Corporation ● SAFRAN SA ● Siemens AG ● Suprema, Inc ● ZKTeco, Inc Biometric vendors abound
- 11. 3 Reasons To Buy …. • Costs Less – Than other biometrics and token-based systems: it’s entirely software-based – Training costs are a fraction of other security solutions – Support costs are a fraction of other security solutions – Integration costs are a fraction of other security solutions – Password self-service (without using PII): eliminate password reset calls to help desk • Enhanced User Experience – No more need to memorize complex passwords – No more need to change passwords every 30 days, 90 days, etc. • Better Performance – Than other biometrics (proven by published independent 3rd-Party validation) – False Acceptance Rates as good as or better than fingerprint, retinal / iris scans, facial scans, voice recognition What other solution combines all three advantages?
- 12. Bottom Line Nobody Likes Passwords Passwords ARE Dying We Solve That!
- 13. Let’s Get Started! Kevin Spanbauer VP, Business Development Intensity Analytics Corporation kspanbauer@intensityanalytics.com www.intensityanalytics.com (952) 250-0836