Mobile identity security provider, Incognia, today announced it raised $15.5 million in series A funding led by Point72 Ventures. The company said the new funding round will support its continued growth to address the balancing act between security and user experience, delivering security for mobile authentication while requiring no action from consumers.
Personal data has never been more valuable, thus protecting it from thieves has become a top issue. Data thieves often can gain access to people’s mobile phones and learn about their personal lives, including bank accounts, personal images and friends’ contact information. To gain access to people’s phones, hackers utilize “brute force” attempts to guess passcode digits. They can also look at fingerprint smudges to see whether they can break into a phone that relies on fingerprints as authentication.
Unlike static credentials like passwords, PINs and one-time passcodes — which obstruct the user experience and are easily compromised if stolen or guessed — Incognia claims to provide a dynamic identifier that requires no user action, is constantly updated and is difficult to fake or forge.
According to Incognia, it allows identification of trusted users based on their distinctive location behavior, as well as preventing account takeover attempts and seamlessly authenticating legitimate users. The company said the solution may be used across industries, including banks, fintech and ecommerce enterprises, to enhance mobile revenue and reduce fraud losses.
The future of mobile security
Biometric technology has become increasingly common in mobile devices as a means of enhancing security. With the growth of fintech, which relies on mobile devices and applications, biometrics play an increasingly significant role in ensuring security.
Identity fraud affects about one in every 15 persons. Approximately 650,000 people were victims of identity theft in 2019. According to a survey by Javelin Strategy and Research, about 42 million Americans were victims of identity fraud in 2021, costing consumers $52 billion. With so many more people using the internet to conduct their financial business as a result of the pandemic, thieves have had lots of opportunity to harvest their victims’ personally identifiable information (PII), according to the study.
Today’s authentication, device fingerprinting and fraud detection solutions are failing to safeguard mobile consumers, while introducing friction to the user experience, with new account fraud increasing 109% and account takeover losses jumping 90%, according to the Javelin study. Even with multifactor authentication (MFA), consumers fell victim to social engineering, which accounted for more than 80% of all fraud losses in the U.S. in 2020. Social engineering techniques prey on “human factor” in digital systems and try to manipulate people into disclosing critical information.
Incognia says it has developed a method of mobile app security that doesn’t require the user to take any action. Instead, Incognia claims that it can distinguish trustworthy users from fraudsters by using a device’s location signals and motion sensors to build a location identity that’s unique to each user, similar to a location fingerprint. Location fingerprinting is a technique for locating a person without using a GPS device. This method necessitates the use of a previous training set of fingerprints taken at known places, which may be compared to identify the location of future fingerprints.
As an identity solution, Incognia claims its location fingerprinting is 10 times more accurate than Apple’s FaceID. The company says that its zero-factor authentication solution is enabled by its patented location technology, which employs Wi-Fi, cell, GPS and Bluetooth signals to reach indoor location precision of seven to 10 feet and is effective at detecting location manipulation. In an email interview, André Ferraz, Incognia’s founder and CEO, claimed that each user has a unique location pattern that Incognia can utilize as a form of location fingerprint.
He added that the solution has “exceptional performance,” with “zero account takeovers registered from accounts using Incognia and a 0.001% false positive rate.” Also known as false acceptance rate, the false positive rate measures the rate at which illegitimate or unauthorized users are verified on a particular system. Ferraz noted that Incognia has taken a privacy-first approach and does not associate the location information with any other PII.
Identity assurance on mobile devices
According to Ferraz, both mobile adoption and fraud are on the rise. He claims that mobile consumers have shorter attention spans and prioritize convenience over security. Traditional security methods, he added, are ineffective at preventing fraud because they are high-friction. Incognia, he claims, is a mobile security solution that eliminates the friction of authentication for the vast majority of users while also boosting security.
“Authentication and fraud detection solutions that are available today do not meet the needs of users or enterprises and the market is in need of new innovative technology. Incognia is pushing the boundaries of identity assurance and authentication in order to provide improved security with the least amount of user friction,” said Ferraz.