Behavioral biometrics technology leverages a user's unique mouse, keyboard, and touchscreen behavior to authenticate them online. Unfortunately, it takes considerable time to train these models well enough to effectively identify one unique user from another.
According to this study about the use of on-mouse dynamics for continuous user authentication, it can take hundreds or even thousands of samples collected over at least four weeks to learn individual user patterns well enough for user identification to reach about 91% accuracy. In this case, behavioral biometrics requires significant upfront time and resources to work effectively, not to mention the costs associated with the professional services required to integrate and train the tool.
In contrast, location identity technology is based on location behavior, which can start protecting against unauthorized access right away based on the establishment of relationships between:
After establishing these relationships, the Incognia SDK provides multi-layered protection, delivering security through a combination of insightful user identity signals. It provides two primary levels of protection from unauthorized access as well as securing the authentication process.
Incognia starts securing the account when a device accesses the account for the very first time. At this stage, Incognia performs a series of device and application integrity checks. It analyzes whether:
At this stage, Incognia also uses advanced technology to create a unique “device fingerprint” for each device, allowing it to be quickly and easily recognized during future visits. Device fingerprinting is a way to combine select software and hardware attributes of a device — like the brand, model, screen resolution, memory size, operating system version, etc… — to identify it as a unique device. This first level of protection lays the groundwork for establishing trusted locations and helps protect the onboarding process against threats like fake account creation.
With subsequent account access, Incognia starts building a location behavior pattern for the device. Incognia has developed proprietary algorithms that establish a pattern of location behavior for each user based on three criteria:
When Incognia detects that a user is at one of their trusted locations, there is a high probability that the transaction is legitimate and at lower risk for fraud, enabling the app to offer a frictionless authentication experience.
Incognia requires at least three logins to create an initial location fingerprint for a user. Subsequent log-ins allow us to refine and customize this set for increased protection.
This process is equivalent to the “enrollment stage” in other authentication systems. Enrollment is the process of collecting data samples from a person and subsequently storing the data in a reference template representing a user's identity to be used for later comparison.
In 2022, Incognia’s engineering team published a paper entitled “Using Location as a Signal to Affirm Identity Online,” which demonstrated that Incognia’s technology can identify an individual with an accuracy rate of 1 out of 17 million using five spatio-temporal points.
The time required to establish the set of “trusted locations” and start the “Advanced” Protection depends on the app usage model:
Users move around, and our technology understands that. Incognia keeps the set of the user’s trusted locations secure and up-to-date. Even if the user travels, we continually monitor location changes to ensure that our algorithms adjust accordingly - running basic jobs daily and more comprehensive ones weekly for maximum security.
Incognia's dynamic approach to authentication helps ensure that user accounts stay secure from the first login to the last thanks to the power of precise location data for establishing identity. Traditional biometric behavior technologies can't match Incognia's speed and precision when it comes to protecting accounts.