The Passive Authentication Market is expected to register a CAGR of 23.65% in the forecast period from 2021 to 2026. Voice biometrics replace traditional and outdated security methods such as PINs, passwords, and answers to security questions, offering a more secure and friction-free way to verify identity in telephone calls and digital transactions. Passive verification involves listening to the speaker’s voice while talking with an agent or a voice bot. This process usually requires a more extended period of speech to achieve a high-security verification score. Passive verification means a caller doesn’t need to remember their account number or phone number, which is beneficial for some customers. However, some customers may have some security concerns if they think the call center agent hasn’t asked for any proof of identity and completes their transaction without considering the security of the account holder. Passive Authentication even provides seamless Authentication to a user for network resources and internet access without entering user credentials multiple times.
Key Highlights
- Active verification requires less speech, and it usually only takes 2-3 seconds of speech for high-security verification. Passive verification can be advantageous as it allows users to be verified while in conversation with an agent. Passive verification is also useful for fraud detection purposes. It will enable companies to continually monitor conversations in real-time to ensure that the person they are interacting with is still the authenticated speaker. Both active and passive voice verification provide different benefits depending on the use case. The ability to use both active and passive ensures that organizations and their consumers will get the best outcome from a biometric voice solution. Significant advancements occur in the research and distribution of typing biometrics because keyboards are incorporated in almost any device, making typing behavior the most widely available user biometric.
- In January 2020, TypingDNA, a behavioral-biometrics company, announced that it raised a USD 7 million Series A round led by Google’s AI-focused venture fund called Gradient Ventures. TypingDNA has developed proprietary AT algorithms to authenticate users based on how they type. Through a simple training process of watching user keystrokes, the company can recognize further attempts from a specific user by matching them against their known account. This technology, called typing biometrics, could be useful for various applications such as Authentication, password recovery, fraud detection, and online education assessment to fingerprint users for more security than traditional forms of two-factor Authentication. Developers can use TypingDNA’s API as a passive two-factor authentication option, password recovery task, or ensure that inputs are matched to a given user.
- The Capital One credit card data breach in 2019 resulted in 106 million individuals having their data compromised. And that is just the most recent incident in a long line of events that have left consumers’ personal information vulnerable to scammers. Add to that the fact that most of the users practice alarming password hygiene. According to a LoginRadius infographic, 61% of users don’t change their passwords for fear of forgetting them, and a staggering 70% of millennials use one or two passwords that are easy to remember across multiple accounts. And the worrying fact is that even those who recognize the dangers aren’t taking the appropriate actions to protect ourselves. The challenges, risks, and attitudes combined with advances in the ease and accuracy of biometrics open the door for a passive way to authenticate instead of providing the details.
- In August 2019, ID R&D announced the release of the industry’s first production-ready, wholly passive facial liveness detection capability, IDLive Face. Until now, facial matching systems required some active step by the user, whether smiling, moving lips, blinking, moving one’s nose to follow a dot on the screen, or moving the camera. These active approaches to liveness bring significant friction to the user experience, which results in more inferior results, extra time, and inconvenienced customers. With the outbreak of COVID-19, multiple enterprises are transforming the security methods by defining next-generation user security experience with passive Authentication and control and trying to identify areas where the business can introduce AI/ML and automation to provide more frictionless user experience and security such as passive Authentication and context-aware computing.
Key Market Trends
BFSI is Expected Hold Significant Share
- Passive authentication methods are capable of identifying a person without their active participation. The banking sector could utilize this feature when a customer calls a bank instead of asking for account numbers or passwords, the agent merely interacts. In the background, the system listens to the customer and compares the voice to the voiceprint on file. Also, a mobile banking application can quietly track user behavior like typing cadence, swiping patterns, and even geographic location to provide continuous authentication if the user’s session has been hijacked. For financial services companies that require a more discrete enrollment process, passive voice biometric technologies are also readily available to enroll customers using archives of previous calls automatically. Then, customers are quietly authenticated during the initial seconds of every call, without being prompted for a passphrase.
- Increasing the data breaches in the banks is also increasing the need for robust authentication technologies with passive authentication being one of them. Most modern smartphones are also equipped with a wealth of sophisticated technology like accelerometers, gyroscopes, touch screens, and GPS. In behavioral authentication, a user is authenticated by the unique way they interact with the phone, such as how they type or swipe, or the angle at which they hold the device. It’s not just limited to smartphones and tablets, either. Top behavioral solutions can extract and analyze over 500 unique parameters from mouse and trackpad patterns to typing cadence and browser events. They track how users interact with Web and mobile applications identifying fraudulent behavior and providing a risk score for banking and financial companies for each transaction.
- The instance mentioned above shows that even if a criminal can log in successfully using a stolen username and password, a bank using behavioral biometrics to analyze their keystrokes and other interactions with a PC or mobile device can still thwart them ultimately determining that they are not, in fact, the authorized user they have logged in as. At National Westminster Bank in London, they track and analyze virtually every move that customers make on their Website and mobile application, looking for behavior that may flag that a user is not whom they say they are. And since behavioral technology is passive and doesn’t require user enrollment, it’s often used in tandem with other biometric security measures as an added level of protection.
- Authentication solutions such as Mastercard’s NuDetect use machine learning to analyze passive biometrics. These include how a person types, hold their phone, move their mouse, or use their phone to anticipate and prevent online fraud payments. The process to verify the person occurs without introducing any friction or interruption during the transaction. Mastercard has developed a range of products that use passive biometrics to help authenticate the right users. The passive biometrics is centered on probabilistically identifying if a legitimate person is physically present in the interaction. This can happen during account creations, login attempts, and transactions. At certain stages, the Mastercard products form a probabilistic match to a human depending upon observations of the passive biometric signals that can be captured during an interaction, behaviors, and some other data about the context of the transaction.
North America is Expected to Hold Major Share
- The North American region is witnessing several startups engaging in the development of passive authentication technologies. For instance, UnifyID, which engages in the development of frictionless online and physical dynamic probability and confidence scoring technology, has announced its general availability. The company said that it used over 100 behavioral and environmental factors to authenticate users with 99.999 percent confidence. The capabilities run in the background to remove the need for passwords, without arousing the same privacy concerns among users as facial biometrics. UnifyID’s machine learning system continuously learns from users. Even if a confidence score drops after a customer is injured or moves, and is temporarily required to use traditional authentication methods, these backup methods will be reduced over time.
- In September 2019, TSYS announced a new authentication product that provides real-time verification of customer identities. The TSYS Authentication PlatformSM utilizes customer experience data collected from direct cardholder touchpoints and combines into TSYS customers’ existing authentication systems. TSYS Authentication Platform will be launched in North America in 2020. The product is designed to verify that a person is who he or she claims to be, reducing application, transaction, and account takeover fraud, while still providing a frictionless customer experience. It’s effective at preventing synthetic identity fraud because it does not rely on reported data, which creates inefficient lag time in the verification process.
- In July 2020, Fortress Identity, a US-based company, has upgraded its digital ID verification and biometric authentication-as-a-service with passive facial liveness. Liveness detection leverages artificial intelligence (AI) technology to prove that a computer is communicating with a live human being. The platform leverages biometric facial recognition and passive facial liveness to match the user for transaction authentication and determine the user is alive, without any particular movement. The goal of the company was to deliver a frictionless onboarding experience and transaction authentication without compromising security.
- In November 2019, FICO, a provider of decision management and analytics technology, announced that it is adding two product families to its portfolio: FICO User Authentication, a comprehensive suite of capabilities including multifactor, biometric, and passive behavioral authentication, and FICO Identity Proofing, which allows organizations to digitally onboard new customers without requiring in-person verification. To support this effort, FICO has acquired EZMCOM, US-based security access provider for innovative and easy-to-use technology that can be deployed to protect users, data, and applications from credential theft, account takeover, and breaches.
Competitive Landscape
The Passive Authentication Market is moderately fragmented, which consists of significant players such as IBM Corporation, NEC Corporation, Cisco Systems, Inc., Thales Group, OneSpan, Inc., etc. The companies in the market are increasing their market share by launching innovative products and also by forming multiple partnerships and mergers. Some of the recent developments are:
- June 2020 - ID R&D, announced that RelyComply had selected its ISO/IEC 30107-3 compliant passive facial liveness product, IDLive Face, to integrate with their AI-powered Know Your Customer (KYC) offering. IDLive Face detects spoofing attacks when verifying a new client's identity without adding any extra effort to the onboarding experience.
- May 2020 - NEC Corporation has launched NeoFace Thermal Express to provide touchless screening. The latest offering combines personal protective equipment, and elevated body temperature (EBT) detection, which includes face masks, and NeoFace biometrics on a scalable and modular platform with video and thermal analytics.
Additional Benefits:
- The market estimate (ME) sheet in Excel format
- 3 months of analyst support
This product will be delivered within 2 business days.
Table of Contents
Companies Mentioned (Partial List)
A selection of companies mentioned in this report includes, but is not limited to:
- IBM Corporation
- Cisco Systems, Inc.
- Thales Group (Gemalto N.V.)
- NEC Corporation
- OneSpan, Inc.
- Verint Systems, Inc.
- Aware, Inc.
- Pindrop Security, Inc.
- Equifax, Inc.
- Nuance Communications, Inc.
- BioCatch Ltd
- ID R&D Inc.
- Fortress Identity
Methodology
LOADING...