That’s for you to decide. AimBrain gives you that power by providing a continuous authentication score from login to completion so you can decide upon the best balance between security and user experience.
Perhaps you’ll decide to step-up authentication when the score falls below a predetermined level set by your institution. Perhaps you’ll decide to step-up authentication automatically for certain transactions, such as large withdrawals or payments. Or you can let AimBrain’s proprietary algorithms decide when to go to the next authentication level. Whatever you decide, you’ll always be in control.
User attempts login with PIN. The PIN is correct, and the AimBrain authentication score sent to the bank’s risk engine matches their threshold. There’s a very high probability that the user is not fraudulent. The bank’s security protocol approves, and initial access is granted. There is no need for any additional security authentications at this point. And, it all happens in real time.
Our user is logged in and is happily navigating through the account – checking balances, verifying payments, and other typical banking activities. To this point, security screening has been completely invisible to the user. But AimBrain is continuously authenticating the user, constantly recalculating the authentication score and sending it to the bank.
AimBrain’s continuously calibrated authentication score has dropped. Why? Because AimBrain constantly monitors the user’s biometric behavior, and something is off. Perhaps touch pressure. Perhaps typing speed. In fact, there’s an infinite list of metrics that AimBrain monitors, any one of which could trigger a drop in score.
Alerted to potential fraud, the bank responds to the lower authentication score with AimBrain’s steps-up authentication. The user is then seamlessly stepped up to the facial or voice module for further authentication depending on the bank’s pre-determined security protocol.
The user has provided a response to the request for facial or voice identification. Authentication was verified, and the user’s score is restored to an acceptable percentage. Until this threat surfaced, the user’s experience was uninterrupted. AimBrain was constantly authenticating, but the process was completely invisible to the user.
But the session is not over. The user now wants to make a large transaction. AimBrain’s authentication score has not dropped, but the bank’s security protocol requires a step-up to facial or voice verification for a transaction of this size. Authentication is successful, and the transaction is completed.
The user completes her business and logs off. She’s happy. She completed her business with minimal disruptions for security authentications – though AimBrain was evaluating and reporting her score every single second. The bank’s happy too. It was a smoothly conducted bit of business, and everyone involved was kept safe.
Perhaps not everybody is happy. If a fraud attempt was made, AimBrain caught it. AimBrain’s authentication score instantly alerted the bank. The bank requested an authentication step-up. The fraudster failed the authentication, or got spooked and abandoned the attempt.