Ability to learn
At the beginning of its service, the system needs to get to know the user in all relevant dimensions. The user's personal and contact data, equipment, services and service platforms he or she uses, but also the necessary biometric data such as physiognomy and typing pattern, voice, vein or iris pattern. Furthermore, the system cannot freeze on the level it once learned. The system needs to update its recognition pattern regularly.
Adaptability and intelligence
Not every occasion requires the same degree of security. The system should choose the "level of assurance", i.e., the required level of authentication, risk-based. The system should be equally adaptive in case of deviations from the stored authentication patterns. If the voice recognition fails because of a cold, this is no reason for an alarm. But if someone tries to log on with an unknown terminal at an unusual time at a distant place, the failure of the voice recognition is a very good reason to ask for further evidence of identity.
Vigilance and fast reaction
The more features differ from the known patterns during an attempted authentication, the more suspicious the system becomes, and the more stringent the criteria it should apply. If the "risk score" reaches a certain level, the system should check immediately whether a fraud attempt is behind the observed irregularity and prevent access, given the case.
Cumbersome safety measures induce the user to avoid them. Many biometric methods such as facial recognition or analysis of typing behavior require very little active human involvement and are therefore suitable for everyday authentication and mobile security.
Reliable data protection and transparency
Because the digital identity is so important, the user must know whether and when it is applied and to what purpose. Similarly, the data used for authentication must be secure and its access must be clearly regulated and transparent.
This combination of context-based, multi-factor authentication, the intelligent detection of deviations and the reaction to it is offered by the NEVIS Security Suite. It combines best-of-breed expertise by technology partners such as BioID or Behaviosec.