Tom Ketcham, CIO & EVP
According to industry studies cited by Intensity Analytics, some 80 percent of the cybersecurity problems of today are caused by compromised identities. Often, “identity” is defined as a person’s digital account, and the fact that it actually refers to a human being is frequently forgotten. The digital identification of a person usually depends on passwords, physical devices, or biometrics, which are easy to duplicate. “Our product understands physical movement and recognizes people rather than accounts,” explains Tom Ketcham, CIO and EVP of Intensity Analytics. The company offers unique physical user and entity behavioral authentication security software that provides authentication integrity and threat intelligence. Intensity Analytics establishes sustained trust in digital identities through advanced AI and machine learning engines that recognize a specific human being from the way they interact with a device.
Intensity Analytics’ AI engine recognizes people on the basis of their behavioral biomechanics. This approach offers another major benefit: to understand bot-like behavior and differentiate it from human behavior. Their AI engine produces a general human variability model, which shows how humans are reliably inconsistent, and exposes programmatic approaches that have a certain amount of predictability. “Understanding the uniqueness of each individual helps our technology outperform others, and we are constantly developing our technology to protect against even the most advanced attacks,” explains Ketcham.
There are three products that Intensity Analytics have already released in the market. One of these products, TickStream.KeyID, protects the end-point during login. This product uses patented machine learning and AI algorithms to analyze user behavior and establish identity. Ketcham says, “We never capture what is entered, but only the metrics of the effort. It is not what is typed, but how it is typed, that is important.”
Through our patented software, we offer a balance between security, privacy, and usability to establish sustained trust in digital identities
The second product, TickStream. Activity, is a desktop product that monitors all user-related interaction with a device. It documents what the user is focused on, background applications, and the level of user involvement, among other things. Beyond just cybersecurity, this product offers metrics for management and auditing functions. The third product is called TickStream.CV. It provides continuous assessment of the user present on a device, using some of the same physical behavior analysis techniques as their other products. An example of its use is providing evidence regarding the creator of a particular document for insider threat investigations, regulatory compliance, and invoicing support. While all their products complement each other, they can also be run as separate modules, and can be delivered on a variety of platforms and directly accessed through an API.
Among the company’s commercial clients is a corporation manufacturing medical devices that needed to comply with various regulations worldwide. The client’s single sign-on platform required greater security, and deploying a new solution was a challenge due to complex privacy requirements and the vast number of employees. Since Intensity Analytics’ product requires no physical token, special hardware, or training, and complies with strict privacy regulations like the GDPR, it proved to be the best fit. According to the client’s CISO, this combination of factors is key to delivering an affordable and manageable solution that meets the needs of a large global enterprise.
Today, securing digital identity has become ever more complicated with the increase in privacy regulations and data breaches, leading to repercussions like the recent Facebook hearings before the US Congress. “Our approach eliminates all the problems with physical tokens and biometrics, and offers that serene balance between security, privacy, and usability, providing the user frictionless control and assuring strong, reliable protection of data,” concludes Ketcham.