Password Problem – SOLVED!

An entirely new approach to security:Know who is there by how they type

A BIG Problem …

Passwords are ineffective

Passwords are valuable targets

Password alternatives are breached

Solutions hacked

Fingerprint biometrics@ geek.com

Mar 2011 – Comodo CertsSep 2011 – DigiNotar Certs

Mar 2011 – RSA SecurID

Social Media Sites hacked

Mar 2013 – 50M Passwords

Jun 2012 – 6.5M accounts

Feb 2013 – 250k passwords

Retailers hacked

Nov-Dec 2013 – 110M accounts

May 2014 – 145M accounts

Jan 2014 – 1.1M accounts

How We Solve It

my usernamemy password

my valuable data

$

Our Solution

A new biometric approach to security…

Recognize users typing characteristics …

• Known text (e.g., passwords)

• Unrestricted text (e.g., e-mail)

• Activities on the desktop (foreground / background)

… without capturing any content

Our products answer …

is it them?

is it still them?

when is it occurring?

what are they doing?

where are they?

combined - context-aware, strongly authenticated computing

what else is going on?

TickStream® Activity TickStream® KeyID

Our Edge

Strong authentication and awareness with …

• Nothing to remember

• No personally identifiable information (PII)

• Nothing to carry around

• Nothing to be shared

• Nothing to maintain

• UNIQUE biometrics – (ours can be changed or withdrawn)

Products

Attributes

securityno

memorynoPII

no equipment

no maintenance

low cost

easy to use

Intensity Analytics Passwords Tokens Fingerprints Facial recognition

Good

Okay

Poor

Comparison

The Factors of Authentication

Security is based on the presentation of evidence of identity when the user attempts to sign in:

Knowledge factor: something you know

Ownership factor: something you have

Inherence factor: something you are

What we add is new:

Behavioral factor: something you doTickStream.KeyID makes it possible for the computer to observehow you behave in a well-defined context – passively through your keyboard as you enter your username and password.

Benefits over existing solutions

• Security– More difficult to impersonate than other biometrics – helps defeat replay attacks– It's not a "copy" that can be duplicated, but rather behavior that has to be performed in real-time– Can discern input from the keyboard vs. malware – helps defeat key-loggers and other types of malware– All data is encrypted - Network traffic via SSL & at-rest data via AES-256

• Privacy– No Personally Identifiable Information (PII) is generated or stored

• Implementation– Transparency - quickly add a biometric factor to existing password-based systems– Flexibility - tune to the appropriate level of security depending on the assets being protected– Application agnostic - no training required to identify specific application details, patterns, etc.– Broad platform support - native Windows applications or any web application regardless of platform– No OEM or open source components – 100% our IP– Enterprise scalability and simple component design

• Usability– Frictionless - people just keep working as usual – minimize negative impact to user experience– Uses ubiquitous hardware – no need for specialized readers or scanners– Improved user experience - reduce password complexity rules and forced password expiration

Use Cases

• Authentication– Web applications– VPN access– Use as multi-factor authentication– Password self-service (without using PII): eliminate password reset calls to help desk

• Constant Validation– Authenticate all transactions within a session– Strong non-repudiation (biometric digital signature – prove the negative)– Detect when unauthorized personnel access an open system

• Fraud Detection and Monitoring– Detect when users change (keyboard & password sharing, license violations)– Identify and differentiate multi-user access to generic and role accounts– Automate detection of breached accounts

• Software License Management– Eliminate shared credentials– Identify unused licenses

The Competition

Fingerprint

Tokens

Cell phones

One-timecodes

Hardware-based

biometricsPasswords

Popular alternatives

Widely used

Unpopular alternatives

Gaining traction

● 3M Cogent, Inc● Aware, Inc● BIO-key International, Inc● Cross Match Technologies, Inc● DigitalPersona, Inc● Fujitsu Ltd● Lumidigm, Inc● M2SYS LLC● NEC Corporation● SAFRAN SA● Siemens AG● Suprema, Inc● ZKTeco, Inc

Biometric vendors abound

3 Reasons To Buy ….

• Costs Less– Than other biometrics and token-based systems: it’s entirely software-based– Training costs are a fraction of other security solutions– Support costs are a fraction of other security solutions– Integration costs are a fraction of other security solutions– Password self-service (without using PII): eliminate password reset calls to help desk

• Enhanced User Experience– No more need to memorize complex passwords– No more need to change passwords every 30 days, 90 days, etc.

• Better Performance– Than other biometrics (proven by published independent 3rd-Party validation)– False Acceptance Rates as good as or better than fingerprint, retinal / iris scans, facial

scans, voice recognition

What other solution combines all three advantages?

Bottom Line

Nobody Likes Passwords

Passwords ARE Dying

We Solve That!

Let’s Get Started!

Kevin SpanbauerVP, Business DevelopmentIntensity Analytics Corporationkspanbauer@intensityanalytics.comwww.intensityanalytics.com(952) 250-0836