SecureAuth Corp. has added a new security feature to its lineup: continuous facial recognition, designed to safeguard computer users in the increasingly remote and hybrid work environment.
The company’s SessionGuardian technology ensures constant verification of a user’s identity while they are actively using a computer, addressing a major security gap facing businesses today.
“We’ve all learned to live with initial facial recognition on our smart phone,” SecureAuth CEO Joseph Dhanapal told the Business Journal on Jan. 23. “Now we’ve proven we can take technology one step further and biometrically continuously monitor a person’s face.”
Biometric security encompasses various measures, including facial recognition and behavioral identifiers like how a user moves their mouse. SecureAuth’s solution combines these biometrics with multi-factor authentication for industries handling sensitive data, such as healthcare, financial services, legal firms and government contractors.
From Logging in to Logging Out
Dhanapal explained the limitations of traditional authentication methods: “The iPhone looks at you or Windows looks at you and says, ‘Oh, this is the authorized user, and I’m done.’”
“But then if the device were to be stolen or somebody hijacks the token and starts using it, the bad guys could access your apps and data,” he said. “But with our technology, the authentication isn’t just at login but is continuous until the user logs out. As long as the authorized user is sitting in front of his computer, he gets access to all the components. The moment he walks away, the computer locks up.”
SessionGuardian works by reading a user’s face and mapping it to a profile picture. The system connects the digital identity to the individual’s face and further validates the identity using a government-issued ID card.
This ensures that the system confirms the right person is accessing the device, Dhanapal noted in written comments.
SecureAuth, which ranks No. 27 on the Business Journal’s annual list of OC software companies by headcount, counts prominent organizations such as Bass Pro Shops, Nissan, the American Red Cross, Ferrari, ExxonMobil, Revlon, AARP and Office Depot among its customers.
‘Shoulder Surfers,’ Screenshot Thieves
It also adds protection against common risks like someone spying over the user’s shoulder – called a “shoulder surfer” – or taking a screenshot of confidential data. If any suspicious activity is detected, the session is locked immediately, and the organization is alerted.
The company said Jan. 14 it is the “first to offer biometric continuous identity assurance.”
SecureAuth added the continuous verification technology to its portfolio when it acquired the SessionGuardian company of New York in December.
K1 Investment Management LLC of Manhattan Beach owns SecureAuth.