New biometric solution guards email against account takeovers
At the root of most data breaches is a compromised account, but these can be very hard to identify, often coming to light only after they've been used to steal data.
Email security specialist GreatHorn is launching a biometric solution that effectively identifies compromised accounts and blocks takeover attempts by validating users using their unique typing patterns.
Account Takeover Protection uses machine learning techniques to capture a user’s unique typing pattern on both desktop and mobile devices. After initial authorization, GreatHorn will use a pre-determined trigger -- such as frequency, time delay, or communication pattern anomalies -- to re-authenticate the user. The tool doesn't capture keystrokes, rather it analyzes keystroke dynamics, such as speed, pressure, and timing between key press and release.
Administrators can configure actions based on authorization failures, such as displaying a warning banner to the recipient, removing the message on send, alerting the security team, or simply logging the event for later analysis. Failed attempts feed into the GreatHorn Reporter dashboard providing context for faster incident response.
"Most email solutions rely on binary or perimeter-based analysis to prevent email attacks, but these methods fail to identify when a legitimate account has been compromised," says Kevin O'Brien, co-founder and CEO, GreatHorn. "Our Account Takeover solution uses proprietary keystroke analysis to match typing patterns as a unique identifier. Your typing pattern is unique to you and extremely difficult to replicate, making it highly accurate and nearly impossible to circumvent. And because the action of typing is a part of a user's everyday workflow, it allows for periodic validation with minimal disruption."
GreatHorn will be demonstrating the solution on its stand at this week's RSA 2020.