IBM announced its new Pinpoint Verify technology on Nov. 8, providing organizations with a model for combating online fraud with a digital identity trust approach.
Alongside the new technology release, IBM sponsored a report from Javelin, titled “Preserving Trust in Digital Services,” that provides context for why digital identity trust is needed. Among the primary findings of the 27-page report is that financial institutions reported that just 50 percent of consumers believe mobile banking is secure.
“Many popular methods, such as user name and password or knowledge-based authentication, can be both ineffective at stopping malicious users and cause customer frustration,” Jason Keenaghan, director of IAM and fraud at IBM Security, told eWEEK. “However, we were most surprised to see these organizations reporting on their actual authentication failure rates.”
Respondents to the Javelin survey indicated that more than one in five (22.8 percent) of their users are failing authentication. Keenaghan said that for a significant portion of respondents (13 percent), that number goes as high as over 40 percent failure rates.
“These numbers clearly indicate that users must be highly frustrated with the authentication process, even more than we had expected,” he said.
The Trusteer Pinpoint suite provides multiple security and fraud protection capabilities that have been expanding in recent years. Keenaghan noted that Pinpoint Verify is an entirely new product module within the Trusteer Pinpoint suite, to enable digital identity trust.
“We leveraged MFA [multifactor authentication] technologies already available from the IBM identity and access management suite, known as IBM Verify,” Keenaghan said.
Keenaghan said the areas of identity and online fraud detection are coming together to serve the new market needs for digital identity trust. Similar to the other products in the Pinpoint suite, Pinpoint Verify is a cloud, microservices-based offering for easy deployment, he added. Pinpoint Verify also has a publicly available mobile app for iOS and Android, as well as an SDK available on GitHub to integrate authentication into custom mobile apps.
Keenaghan explained that a typical Pinpoint Verify deployment would involve leveraging IBM’s SDKs to integrate MFA into an organization’s existing digital services portal, website or mobile app.
“The integration is done once, and future changes to leverage the latest authentication factors can be done seamlessly without changing the underlying application, reducing time to market and speeding the development process,” Keenaghan said. “The back-end service itself is delivered from the cloud, so there is nothing to install or manage in the data center.”
Pinpoint Verify joins other Pinpoint modules, including Assure and Detect, to help manage digital identity trust. Keenaghan said that the Pinpoint Assure module is used to assess the risk of new or anonymous users, building or establishing initial digital identity trust. Pinpoint Detect helps organizations continuously assess the digital identities of known or enrolled users, sustaining that digital identity trust. Finally, if one of these two (Detect or Assure) flags a user as high risk, Pinpoint Verify allows organizations to confirm trust using two-factor strong authentication, he said.
“Pinpoint Verify works with Pinpoint Assure by providing step-up authentication for high-risk users only,” Keenaghan said. “It allows the user to confirm the trusted relationship they are building with your organization using multiple different flavors of two-factor authentication: one-time passwords, mobile push, biometrics or other flexible options.”
Looking forward, Keenaghan said IBM will continue to invest research and development resources into new and innovative ways to detect and stop the latest threats.
“We are heavily invested in AI and machine learning. Now that might seem just like buzzwords, but for us it is not,” he said. “Our researchers are constantly enhancing our AI models to implement new use cases like continuous authentication with behavioral biometrics, bot detection and privacy-preserving client-side analytics.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
