Cure for OTP frauds: IIT Mandi develops system based on behaviour patterns

Innovative approach will obviate the necessity for passwords and OTPs, streamlining user access processes while bolstering defences against emerging threats, an expert said

Does the rising number of OTP frauds and password hacking instances concern you? Researchers at IIT Mandi have developed a revolutionary system which will capture unique user biometric-based behaviour patterns for secure authentication, eliminating the use of conventional methods.

The system called "adapID" has been developed in collaboration with Deep Algorithms with Amit Shukla from the Center for Artificial Intelligence and Robotics (CAIR) at Indian Institute of Technology (IIT) Mandi and J P Mishra from Deep Algorithms, spearheading the development of the tool -- a behaviour biometric-based authentication system leveraging haptics data.

Deep Algorithms is an IIT Mandi and IIT Kanpur incubated company with its head office in Hyderabad, Research and Development office in IIT Mandi and partner office in the USA.

The system has already been granted a patent and has been deployed at a bank and a forensic company. The team is currently in talks with the Ministry of Electronics and Information Technology (MEITY) to use it for authentication in government schemes.

Those involved in the development of the system explained that in today's digitally driven landscape, organisations encounter the daunting challenge of safeguarding sensitive data against relentless cyber threats while ensuring a seamless user experience.

"Conventional authentication methods relying on passwords and static security measures prove inadequate, leaving organisations susceptible to breaches and burdening users with cumbersome access processes.

"The escalating instances of cyber fraud, notably attributed to OTP compromises, have spurred organisations to seek robust solutions to fortify against unauthorised access and data breaches," Shukla told PTI.

"Traditional authentication methods, dependent on passwords and OTPs, increasingly succumb to phishing attacks and brute force breaches, thereby compromising security and user satisfaction. adapID will herald a paradigm shift in secure authentication by harnessing the potency of behavioural and physiological biometrics, offering unparalleled security measures," he added.

Shukla explained that the innovative approach will obviate the necessity for passwords and OTPs, streamlining user access processes while bolstering defences against emerging threats.

"The adapID AI adaptive authentication integrates behavioural and physiological biometrics, presenting a multi-layered authentication framework that dynamically adapts to evolving user behaviour. This password-less authentication system will employ advanced technology, encompassing invisible keyboard features and decentralised web protocols, to establish a novel standard in secure authentication," he said.

"Our groundbreaking behaviour biometric-based system will redefine secure authentication, effectively eliminating the reliance on passwords and introducing seamless continuous authentication.

"With adapID, we not only aim to revolutionise security protocols but also empower organisations to navigate the complexities of the digital age with unwavering confidence," he said.

Deep Algorithms' J P Mishra explained that adapID addresses an array of cyber threats, including fraud, unauthorised access and phishing attacks, spanning across industries such as financial services, government, technology and critical infrastructure.

"By furnishing the most robust form of authentication and discerning anomalies in user behaviour, adapID equips organisations with a dynamic and adaptive security posture. As organisations navigate the intricate landscape of cybersecurity threats, adapID will emerge as a pioneering solution, presenting a dynamic, adaptive and secure authentication framework.

"With its innovative integration of behavioural biometrics and continuous authentication, the innovation will establish a new benchmark in secure authentication, empowering organisations to safeguard sensitive data," Mishra said.