U've Entered to my Arena
Delfigo Security!!!!Watch Out Who's Typing Your Password???

(This Post adds to the AI of the next generation computer Era . Here I have also put a few contradictory ideas of my own to this very blog post)

Passwords can be one of the weakest links in an online security of the www world. Users too often choose one that can b easily guessed or poorly protected. Most of the times, they are usually yours boy/girls's name. A few users use alpha-numeric combination to strengthen their passwords. However  the present internet era assumnes that the strong passwords may need to be combined with additional measures, such as a smart card or a fingerprint scan, for extra protection. And developing nations have been following this for the last few years.

Delfigo Security, a startup , has proposed simpler solution to bolstering password security. By looking at how a user types each character and by collecting other delicate clues adding to the user's identity, the Delfigo's software - DSGatesway attempts to create an additional layer of security without the need for extra equipment or user actions. This software can be  combined with an existing authentication process. As the user enters his/her name and password, JavaScript records their typing pattern along with other information, such as their system configuration and geographic location. When the user clicks "submit," her data is sent to the Web server and, provided that the username and password are correct, the additional information is passed on to Delfigo. The  system then evaluates how well this information matches the behavior patterns of the appropriate authorized user.  The developers state that recording multiple factors is crucial to keeping one's system secure without making it unusable.Consider, If the user types a password with one hand, for example, while holding coffee in the other, the system must turn to other factors to decide how to interpret the variation, according to the algorithm desaigned fo this software. If she does this every morning, the system will learn to expect to see this behavior at that time of day.

The idea that a password should completely succeed or completely fail is now an old paradigm . According to this software, if the system sees something strange about the way that the user enters her password, for example, it just assigns a confidence level to that log-in attempt. Access levels according to this software is  configured depending on this confidence level. For example, if a user logs in from an odd location, lowering the system's confidence, it might allow her to see her account balance but restrict the funds that she is able to transfer. If the user needs to increase her confidence factor at that moment, Rodriguez says, she could answer additional security questions or have a one-time password sent to her mobile phone or via e-mail.

P:S: However, there is another point to be considered. Until we see how difficult it is to replicate the profiles, it'll be hard to say if this software is  more effective than existing security devices/software. 

Moreover. Today’s USER AUTHENTICATION system is developed for DESKTOP COMPUTING, and not for CLOUD COMPUTING where people exchange information between each other more regularly. Today, the computer is mobile be it the NetBook or your I-Phone. You carry it where you go and with pervasive mobile internet connectivity, you can get connected from anywhere using Wi-Fi, or GPRS or EDGE. The INTERNET SECURITY EXPERTS have a big challenge behind them  since we, the users are no longer stuck to a desktop. These days, we own an I-Phone from which we do most of our onlice access.

Posted: 09-10-2009 3:44 AM by pratima with 2 comment(s)

Filed under: ,


# re: Delfigo Security!!!!Watch Out Who's Typing Your Password??? @Saturday, September 12, 2009 11:25 AM

this is a very good post. though it faces challenges..  it can be of great help


# re: Delfigo Security!!!!Watch Out Who's Typing Your Password??? @Tuesday, September 29, 2009 11:33 AM

sounds like inclined to Artificial Intelligence somehow!

Archana Maharjan