A new employee completes the onboarding process with his HR department, discussing the company’s 401(k) plan options. Weeks later, he responds to an email that appears to come from the retirement plan provider. Except it’s not, and now his data is compromised.
Roughly one in five office workers have been the victim of a phishing scam, according to Intermedia’s 2017 Data Vulnerability Report. But there is a solution to the problem.
Organizations such as TSA and CLEAR are helping to ease airport lines by registering eyeballs and finger prints. The process creates some friction by taking time and expense up front, but users are rewarded with the ability to go through the security line faster. Intensity Analytics applies the same concept to identifying spoofed emails — making inbox management faster, easier and more reliable with a simple setup.
The notion of digitally signing communications is well known. Public key infrastructure, or PKI, is the reason why so many companies ask for our first dog’s name or the street we grew up on. But this is stealable information. It violates the three tests of second-factor authentication: What you have, what you know and what you are.
Through a new patent application, Intensity Analytics takes that concept of token identification further by validating it through secure, unique user behavior.
A military commander with field operations in a hostile country has to know that when a subordinate sends a communication detailing the location of enemy artillery, he is in fact who he says he is. Intensity Analytics’ TickStream suite of products will make such a guarantee. The patent-pending process involves signing a document with the signature of the person who composed the document. Applied to email, this means the engine will look at the totality of the typing that was involved in composing a message and use it to compile a signature for the message, ensuring it is linked to a real, identifiable person.
And, it’s not simply spoofed emails that are identifiable with this patent-pending application. Just one example: False electronic requests for unauthorized drugs would be a thing of the past.
Partnering with email clients to provide a simple email plugin, Intensity Analytics will be able to add a visual representation to every email a client receives authenticating the source of the message. No more getting caught up in phishing scams from a fake 401(k) provider.
In the future, it will be possible to challenge digitally-produced data of all types. Photographs, videos, documents. The ability of Intensity Analytics’ patent-pending process to embed an element of identifiable human behavior that cannot be manipulated will become critically important.