A security system that is based on behavior is adopted by the organization which helps determine its users based on what and how they use it. A new system of security has been launched by Aetna for its web and mobile applications used by its consumers that render an option of making password discretional. The new security system based on behavior detects user devices based on the location of the machine it has been used in rather than just having the barricade of fingerprints and passwords for entry. Biometric protection present on the devices of the consumers can be added by them.
Jim Routh, chief officer at Aetna believes passwords to be the chief support of the traditional authentication methods used online. “A consumer can make use of an application if they possess the correct User ID and password” claimed Routh.
Reports of Shape Security suggest that over three billion passwords were accumulated in the US by criminals in the year of 2016.
According to Jim Routh, the method of credential stuffing is exchanged by criminals on the Dark Web in order to gather passwords and objectify various domains on the web. The repetitive use of the same passwords on various sites helps criminals to takeover account by two percent along with the use of credential stuffing. Routh also believes that passwords have become the dominant method of authentication and that the perspective of Enterprises needs to change in terms of using controls that are binary for an online authentication and various aspects must be taken into consideration.
Aetna provides an option to the consumers to choose preferable biometric factors then apply that choice as a guideline of authentication deliberated by a risk engine.
The risk engine appends a user to one or more than one device commonly used by them. The request of authentication contains a biometric or PINS to approve if the user chooses to append their identification to the current device if a new device is being used. The favorable guidelines based on behavior are compared to the current behavioral model by the risk engine and it regulates an average risk based on the comparison.