Skip Navigation
BlackBerry ThreatVector Blog

Zero Touch Delivers Happier Customers, Sadder Attackers

Enterprise users—not unlike most consumers—are asking for system interactions to be as frictionless as possible. When it comes to younger employees/consumers, they are demanding it because instant gratification is what they are used to and have come to expect.

And when it comes to customers who need sensitive systems access, not delivering a sufficiently effortless interaction could cause some to abandon the experience and even consider switching their customer relationship.

Fortunately for CISOs, CSOs and security analysts, a frictionless credential experience doesn't have to mean insecure or even less secure, and can even mean more secure. The approach is known as continuous authentication, and it includes other technologies such as behavioral analytics and AI machine learning for Zero Trust architectures.

The Continuous Authentication Advantage

What continuous authentication does is leverage every single thing the system knows about users—where they are based, the angle they hold their phones, how fast they type and with how many errors per 100 words, how hard do they typically strike the screen, and what type of form factor (phone, laptop, desktop, etc.) they typically use.

It also couples that with everything the systems knows about how those specific users behave, as in what areas they typically access (i.e.: do they typically interact with payroll records or payment card information?), what actions do they usually perform, how long are they typically online during one session, from where do they typically log in, how much data do they typically download, etc.

Through this approach, the system can quickly make a precise determination if this person is acting like the person who has the credentials. And that authentication is far more accurate than a mere password, PIN or even a single biometric scan would be.

But that is only the "authentication" portion. Better yet is the "continuous" part. One of the big problems with typical authentication tactics is that it does a one-time check of credentials. If it clears, the user is free to do anything for an unlimited timeframe. In a physical sense, it's akin to a door lock. Once the key fits, there are usually no further checkpoints.

This allows for a cyberthief with stolen credentials to gain access and to engage in seemingly innocuous activities. And when the attacker shifts ten minutes later into nefarious activities—such as trying to change supply chain files—the authentication system has long since stopped caring.

With continuous authentication, the user is continually observed, and identity checks keep being made. The instant the user's behavior changes from the authorized user's profile, security teams are alerted and, depending on options selected and what the conduct is, the user could even be automatically locked out of the system.

The Zero Touch Approach

The critical point is that all of this happens behind-the-scenes, while the user experiences a fully frictionless experience – this is the Zero Touch approach. Frictionless, that is, until the user's behavior merits some friction in the form of someone asking questions. This is the quintessential security win-win: legitimate users have a hassle-free experience, while the system is far better at noting and blocking problematic behaviors. The system is safer, and the experience is better.

Something to consider, though. Even for legitimate users engaging in proper behavior, frictionless is not always ideal. Consumers in some situations prefer to see some security, as it comforts them that the enterprise is protecting them.

The typical example is a bank, where consumers interpret a little friction as comforting, as it's a visible way to see that their money is being well protected. It's similar to consumers getting a call from their bank asking about suspicious purchases. As long as it doesn't happen too often, consumers find it less interruptive and more comforting that the bank seems to be watching out for them.

Another benefit of continuous authentication is that it can be deployed in a device-agnostic manner. The marketing concept of single-view-of-the-customer—where retail marketers, for example, can see how the same shopper behaves in-store, online from a desktop device, online from various mobile devices, when asking questions of a call center rep, etc.—absolutely also applies in regard to an Intelligent Security approach

Takeaways

Good cyberthieves will typically shift activity from device to device and from IP address to IP address to try and trick systems into not recognizing them from an earlier attack attempt. But continuous authentication's use of behavioral analytics and behavioral modeling makes hiding far more difficult. No matter where the system thinks the user is coming from, all of the behavioral markers (typing speed, force of touch, the phone's angle, typos per 100 words, etc.) will quickly identify a user from earlier records.

For more information, visit BlackBerry.com/intelligentsecurity

Pooja Kohli

About Pooja Kohli

Senior Director of Product Management