How it Works
The Twosense Windows agent collects behavioral biometric data and uploads it to a cloud-based machine-learning system.
Behavioral Biometric Factors
The only way to remove human error from the MFA process is behavioral biometrics. Passwords can be stolen, tokens phished, but behaviors cannot. How a user types, how they move a mouse, how they walk, how they pick their phone up - any one of these factors is not enough to confirm a user's identity. All of these factors combined create a unique & dynamic biometric that can identify a user with more than 99% accuracy.
Behavioral Data that is Anonymous and Contains no PII
Twosense never analyzes what the user is doing, just how they are doing it. This means that no Personally Identifiable Information (PII) is collected.
The amount of time each key is held down and the amount of time before the next keystroke can identify a user's unique typing fingerprint. Keystrokes are not collected, only timing data.
The acceleration of a user's mouse movement, the duration of each click, and the shape of the mouse's trajectory can uniquely identify a user. Twosense does not collect information on what websites the user visits or what they're clicking.
How a user types in Slack may be very different than how they compose an email. Application names are not collected or stored, and administrators have no access to inactivity information.
Machine learning is a data analytics technique that teaches computers to learn from experience.
The passive biometric data is passed into a cloud-based machine learning system that builds a model of each user's behavior. Whenever a user passes an MFA challenge, each model continues to learn and adapt to changing behaviors. When the model is mature, Twosense can validate the user's identity and create a baseline of trust.
Twosense analyzes a variety of behaviors to learn who your users are, creating a unique profile for each user. Each time user passes an MFA check, Twosense becomes more confident that the user is who they claim to be. Users are scored based on how much their behaviors match. If high enough, they are authenticated with no challenge.