I know how you swipe on your device!!!

Dealing with the risks of behavior biometrics

Source: Freepik
  1. User and Entity Behaviour Analytics focuses on gathering insights from user behavior and planning better design to engage users with the service. App providers have inherent options to track behaviors as part of app development to track user behavior using listeners and event handlers with smart sensors available on mobile or IoT devices. Such analyses are used in the context of cybersecurity also.
  2. Similarly, user access to websites, the pages they look at, the time they spend on pages, the mouse moves, clicks, and the time between activities are increasingly tracked by web pages to create more engaging pages.
  3. Service and tool providers have APIs, tools, and tech interventions to enable and integrate technology with digital services for cyber defense (authentication and continuous authentication). These are currently used in payments, internet banking, e-commerce, and high-security authentication environments. Behavior biometrics offers benefits, including flexibility of their use for different use cases, the convenience of collection without any exact condition, and the opportunity to enhance security.
  4. However, it has certain downside risks. There is the increased use of behavior biometrics (a) in attention engineering of the user with addictive design and deceptive patterns and (b) in cyber-attacks by adversaries to mimic human behavior, thereby exposing the user to privacy threats, data breaches, financial loss or exploits and misused digital footprints (including for criminal activities).
  5. Attackers use behavior biometrics to mimic user behavior with keystrokes, mouse movement, or audio to appear genuine. The unique signatures collected from behavior biometrics could be used for data-based type attacks bypassing existing behavior biometric systems. As per Nu DataSecurity (a Mastercard Company), in H1 2021, there was an increase in sophisticated automated attacks (e.g., imitating human keystrokes and mouse movements) by 23% compared to the previous period.
  6. Above all, the strategic intelligence value of such behavior biometrics can be significant for the nation-state and geopolitical environments. In addition, gathering insights around attentiveness, mental fatigue, stress, anxiousness, fear, or cheerfulness using behavior biometrics can be exploitative and catastrophic exposure to user identity. Also, identifying gender using behavior biometrics can increasingly contribute to today's mounting algorithmic bias.



Ethics and Compliance Professional, Podcast Host, Article writer, Researcher. https://www.linkedin.com/in/sundaraparipurnann/

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store