Following are the main characteristics of ANB’s patented solution suite:
ANB's solutions, designed for enterprise and cloud-based environments, are scalable and can be configured to suit evolving organizational needs. ANB’s solutions are designed and architected as Client/Server applications to support mobile smartphone and web access. The security model of our solutions is based on securing and hiding the critical processes and sensitive information at the server side using tunneled secured communication channels.
ANB’s solutions were built with modularity in mind in order to separate independent critical processes and core components from other processes and enable an easy way to control, monitor and upgrade the various software modules. ANB’s solutions system components can be divided into separate network cabinets, installed at the organization's IT infrastructure or at a secured cloud site, serving four different functions: Ongoing authentication services, Enrollment services, Biometric Identities Database and Behavioral BI Database.
ANB’s modular structure allows integration of various ANB’s technologies into one unified solution. Hence, BioSign’s behavioral biometrics engine can be interfaced with ANB’s BGP to create a combined biometrics/picture solution, or be embedded within ANB’s BioChop solution to ensure biometric signer’s authentication on digitally protected documents.
Comprehensive Authentication Protection
ANB’s authentication services can be implemented within the organizational enterprise infrastructure to support pre-defined use cases and different interfacing protocols as required. Without getting into the IT enterprise environment protocols, the classic implementation may provide risk-based authentication services, and any login or business transaction can be verified using behavioral biometric signature captured from unique pre-registered users’ smartphones.
Approved transactions can be mapped using behavioral analysis to provide additional layer of business intelligence. A behavioral analysis can also provide a better correlation with multi-factor authentication including users learned behavior such as geographic location and proximity, typical IP and range, registered smartphone, time, day of the week, purchase type, last purchase, amount etc.
The appropriate minimum level of confidence authentication addresses each risk-based business transaction. In effect, the greater the risk in the transaction, the higher the authentication that is required.
ANB’s behavioral biometric engines are risk-based oriented systems.
They learn each new authenticated signature within each user personal profile using self-adaptive capabilities as long as the provided new signature is within the acceptable differentiation from user’s profile, as configured by the organization’s policy.
Over time and use, the authentication engine “understands” and recognizes user’s behavioral identity better. In the case of unstable users’ behavioral signatures or any suspicious activity, the system alerts the administration team in real-time and adjusts the security level of the inspected user profile.
In a typical security policy configuration, with completion of the user’s signature enrollment, the system may start with a reasonable tolerance that is based on the first five enrollment signatures. As the user continues to successfully sign and be authenticated, the system may tighten its tolerance according to the overall stability of user’s signing.
The updated signature reference template is based on more samples and in most cases converges into a stable biometric pattern. Each user threshold is personal and reflects the user’s signature security level, consistency level and biometric level.
In addition, ANB’s solutions can support zones-level security policy where each user can create three levels of signature: initials, short signature and full name signature. Each of these signatures provides a different level of security/confidence.
Upon an authentication request, which was generated with respect to the business transaction risk level, the user is requested to provide the appropriate authentication with the minimum security level. This way, high risk business transactions can only be approved by signing high confidence biometric signatures.
In general, ANB’s authentication solutions are integrated with the OpenID SSO and SMAL SSO protocols. In the near future, ANB’s solutions are going to support the coming FIDO protocol too.
ANB’s core technology was developed and designed using world leading biometric standards, as follows:
ISO/IEC 19795-4 Biometric Performance Testing and Reporting
ISO/IEC 19794-7 Biometric Data Interchange Formats – Part 7: Signature/Sign time Series
ISO/IEC 24713-1 Biometric Profiles for Interoperability and Data Interchange – Part 1: Biometric Reference Architecture
ISO/IEC 19784-2 BioAPI 2.0
ISO/IEC 24709-1 Conformance Testing for BioAPI
ANB’s software core engines and technologies were designed to easily, securely and simply interface with third party enterprise software solutions and systems, such as RSA risk assessment security infrastructure, CA site-minder, Ping Identity and others. This enables organizations to implement ANB’s solutions either as a full-scope authentication management system with dynamic profiling capabilities or as a behavioral biometrics authentication engine embedded within other solutions.
ANB’s solutions implement multi-factors authentication model based on three independent security layers as follows:
1.Real-time behavioral biometric authentication
2.Background behavioral activity transactions dynamic profiling per user account.
3.Security forensics, alerting and monitoring system - archiving login/authentication events, behavioral analysis & profiling, and alerting security teams on suspicious events (like IDS systems).
4.Data in Rest and Data in motion encryption - all information stored in the system database and all communication channels are highly encrypted using encryption symmetric and asymmetric standards.
All information is highly encrypted using standard 256bits encryption.
All biographic profiles and biometric signatures are binary stored, representing each user's significant biometrics.
All stored biographic profiles and biometric signatures are used as a reference for comparing all on-line biometric data emanating from the desktop. Before any comparison against the stored binary biometric data is made, the sampled biometrics are pre-processed according to ANB’s proprietary mechanisms. This ensures no pad recording or printing.
ANB’s technologies are protected by patents and trade secrets. ANB's developed technologies and solutions were patented in the U.S.P.O (United States Patents Office), P.C.T. and U.K patent office. ANB has successfully filed 13 different international patents relating to its technologies and solutions, ranking it at the forefront of every aspect of behavioral biometric authentication systems using mobile devices.