February 22, 2022
The digitalization and development of the Internet has meant that each time our processes are carried out digitally and we access the vast majority of our services through the network on a daily basis: banking transactions, administrative requests, work processes, accessing an online service... This is undoubtedly a great advance, but it also poses significant challenges in terms of the security of our digital identity and the privacy of our personal data on the network.
One of the main challenges faced by this advance is to develop systems so that people are able to prove their identity in the digital environment, in short, so that everyone can prove unequivocally that they are who they say they are in order to carry out these processes and cannot be done by someone else in your place. That is why, as a result of this challenge, concepts such as identification, authentication and authorization have emerged. Are you already familiar with them?
What is the difference between these concepts?
Identification is the ability to uniquely identify a user of a system or an application running on the system, while authentication is the ability to prove that a user or application is indeed who that person or application claims to be, and finally, authorization is the ability to specify access rights or privileges to resources and allow them, provided that identification has been ensured.
Currently to access an online service, you identify yourself through your name, email and/or username, you authenticate yourself through a security factor, for example password, as this is the most known and used security factor. But given the increase in cybercrime in recent years, and especially digital identity theft, authentication systems are becoming increasingly sophisticated, since the best known so far, are becoming obsolete because cybercriminals have found a way to bypass this security factor.
This type of new security factors are based on the behaviors or factors that make each human being unique. Behavioral security aims to capture, analyze, understand and respond to all kinds of digital representations of human behavior and interpret them using innovative technologies and machine learning algorithms.
Learning from human behavior could in many cases put an end to security breaches by identifying, eliminating and preventing anomalous or risky behavior, such as the identification and detection of false identities or credential theft, which can be used to access devices or services of different kinds and thus jeopardize the security of systems.
Ironchip and localization behavior.
The best way is to add innovative security layers that take into account the identity of the device from which the service is accessed, and that use secure communication channels and factors that are more difficult to spoof. This is why we at Ironchip are launching a unique technology to the market, Location-Based Security, our AI that uses the location generated from environmental waves as a safety factor.
In Ironchip we analyze the behavior of human beings in their daily relationship with these online services, to reach the conclusion that the locations from which we access each of the services in the day to day are intimately linked to our behavior and the service in question. We do not make a large money transaction from a bar, we try to do it from safe spaces such as our home, the office... We do not access protected services from our professional environment in the street, but we do it from the office...
Therefore, we researched and learned that mobility behavior makes each human being unique, the places we frequent in our day are a set of data that can identify us in a specific way just like our date of birth, name or ID card, thus becoming another factor of our identity.
The study Unique in the Crowd: The privacy bounds of human mobility published on March 25, 2013 already spoke of the value of an individual's locations to be able to identify him unambiguously: "We studied for fifteen months the human mobility data of 1.5 million individuals and found that human mobility traces are highly unique. In fact, in a dataset where the location of an individual is specified every hour, and with a spatial resolution equal to that given by the carrier's antennas, four spatio-temporal points are sufficient to uniquely identify 95% of the individuals."
So why hasn't location been used to generate digital identity so far?
Localization as we know it to date (GPS and IP) presents several security and usability problems, which has meant that it has not been present in security systems up to now. The main problems can be summarized in the following points:
How does Ironchip solve these problems?
La Ironchip's location technology is highly resistant to location spoofing, it analyzes the waves detected by a device in a specific location, creating a digital identity to recognize trusted users based on their unique behavior patterns.
To achieve a truly secure location that is difficult to spoof, we have replaced the typical latitude and longitude with more advanced geolocation methods, based on Artificial Intelligence and Big Data processes. Instead of using the GPS sensor, we are able to verify whether or not a device is in a secure location by signals from the environment, i.e. we analyze Wifi signals, signals from mobile devices such as 2G, 3G and 4G, or even from IoT signals such as Sigfox or Lora.
This technology puts an end to the problems of the current location by managing to generate a secure location capable of being used as proof of digital identity capable of proving identity in the digital environment, in short, that everyone can prove unequivocally that they are who they say they are by the relationship of the behavior of their locations.
By substituting coordinates for the set of analyzed signals, we prevent any remote attacker from spoofing our location. To do so, the attacker would have to be physically at the secure location, which makes the attack extremely difficult, and makes automated attacks impossible.
To learn more, please fill out the form below and we will contact you shortly.