Most of the time when we hear about companies collecting data, it’s because they want to sell us stuff that we probably don’t need but will likely buy if the price is right. However, our mobile devices and desktop computers can be a source of far more valuable data. The type of data that companies need to protect against data breaches and cyber-attacks. User behavior data.
When we browse a web page or click through an app, service providers can learn how we engage with their content and also accumulate useful data about our tastes and preferences by tracking what products, ads, and services attract our attention. Most of us are already familiar with this kind of user behavior data. However, every time we use our devices we also provide valuable insight into our habits and patterns: how quickly and the way we type (keystroke dynamics), our mouse movements, our geolocation, our login history. And it is this data that companies are now tapping into to detect all manner of cyber risks. How are they doing it?
What is behavior analytics?
Chances are you’ve already experienced user behavior analytics (UBA). For example, when trying to access online accounts while on a business trip or vacation abroad. You try to log into a social media or bank account, and this triggers a verification notice. Your provider has been alerted (by your geolocation or IP address) that your login behavior is unusual. So it takes you through one or two additional verification steps to ensure that you are indeed authorized to access your account.
In order to make this possible, service providers have to first track and collect information about your usual usage behavior. That data can then be used to detect and analyze your patterns. This is accomplished with machine learning algorithms, which sift through all the data and can compare real-time user actions against a set of control data i.e. the accumulated information about your past behaviors and actions. Every time you perform specific actions (move your mouse, type, click on the screen), these algorithms learn more about you and how you engage with platforms and applications.
If my typing speed is suddenly slower, my login device is new, or my mouse movements are abnormal, the algorithm will detect these anomalies and create a security alert. The service provider can then perform additional security tests (using two-factor authentication or multi-factor authentication methods) to verify and authenticate my identity.
Behavior Analytics Implemented Across Various Industries
As already mentioned, behavior analytics has helped e-commerce retailers refine their offers on the basis of customer engagement. It has also helped product developers create new features and grandfather content that users do not interact with.
But when it comes to matters of cybersecurity, the financial sector has benefited tremendously from user behavior analytics. Services that demand added security, like e-banking and mobile banking, not only rely on UBA to detect external threats but also internal ones. For example, employees abusing their access privileges or even altering their credentials to gain unauthorized access to data. Once detected by the algorithms, any suspicious activity can then be further investigated.
Many security-conscious companies are also now transitioning to passwordless authentication. This option not only offers added convenience (no more lengthy and complex passwords) but also added security. Since user behavior analytics tracks our location and type of device, service providers can make our mobile devices an integral part of the security process. This is frequently the case with mobile banking, where push notifications are sent to mobile devices (via apps) in order to authorize financial transactions.
Classifying Risks and Taking Action
Not every risk is the same. And it is essential to the user experience to not treat every risk equally. Let’s assume you’re abroad again. If a service provider’s UBA determines that your login behavior is unusual and then proceeds to deny all your access rights, this would constitute a very bad user experience. Especially if you’re attempting to access a bank account or use a credit card. The resolutions have to match the level of threat.
This is why UBA also relies on a scoring system to assess the threat level. Higher scores trigger more intense verification and authentication measures to prevent unauthorized access. A higher level threat might alert a company help desk or IT support. Whereas a lower level threat may be resolved by requesting additional authentication factors (2FA/MFA).
Why should you integrate UBA?
We’ve already determined that UBA helps minimize cyber risks, protect customer and company data, and ensure a positive user experience. Beyond those benefits, UBA also cuts costs. Not only by safeguarding against the financial repercussions of a potential data breach but also by eliminating the need for unnecessary investigations into minor security threats and automating as much of the authentication and verification process as possible. Click here to learn more about how to integrate UBA into your security system using the Nevis solution.