A Privacy-First Approach to Behavioral Analytics

0
1058

Behavioral analytics is emerging day by day in the financial sector with more number of banks and Fintech companies are collaborating with behavioral analytics-based fraud detection providers. Since behavioral analytics gives an ideal balance among the accessibility and security in terms of handling fraud detection and cybersecurity for the onboarding and transactions process.

Behavioral analytics are mostly used in cybersecurity and fraud detection and not on any novel concept. Most of the banks are working with cybersecurity vendors who are very well specialized in web behavioral analytics. Behavioral analytics are used to monitor and identify patterns such as the way the user type and move their mouse during online interactions and cybersecurity specialists will be able to detect and report certain anomalies in the user behavior on the web browsers.

Behavioral analytics for connected devices and user privacy

Due to the explosive growth of online banking user’s are started to use banking applications of their bank for checking balance, make a payment, and also transfer funds among different accounts, hence all these data generated has become a holy grail for many parties who are interested in analyzing the user behavior.

Mobile behavioral analytics has become more intimate than the web due to lots of sensors involved such as accel, gyro, and touch among them. And analyzing this personalized information can provide deep insight such as the daily life and behavior of these users which includes user is left-handed or right-handed, what time does the user wake up or got to bed, etc. Hence storing such highly sensitive information on centralized services is proving to be a massive breach regarding security and user privacy.

Devastating cost of centralizing sensitive data

For understanding, the level of risk in mobile behavioral biometrics can expose the business one such example is Suprema’s Biostar 2. Most of the organizations in the world relied on Biostar 2 security system for authentication and for managing access to their buildings. The system mostly used sensitive biometrics for operating such as facial recognition information and fingerprint data. However, all came to crash when a team of researchers discovered that these systems exposed massive vulnerability such as exposure to vulnerable user data which include unencrypted username and password, facial recognition information, etc. This was all due to centralized architecture, which made easy exploitation.

Decentralizing can be leading the way forward

Most of the top leaders in mobile space such as Apple and Google and the scientific and privacy communities believe that decentralizing is the only step forward. Financial organizations such as banks and Fintech companies are more vulnerable to the centralizing approach. Implementation of AI and ML algorithms on the device can help to increase decentralization rather than storing user sensitive data on a centralized server. Most of the companies such as Apple are using methods of AI training which gives the algorithm to be trained on-device so that these data can be used to improve apps that never leave the device.