User privacy versus security
IBM researchers have just patented some software that sounds like it will be a boon to organizations web site security. However it is not clear if the long term implications will be a positive for user privacy.
The patented solution builds a profile on each person using a site or application based on their navigation habits as recorded through the browser. Metrics are collected through the computer mouse and keyboard and the touchscreen on a tablet or smartphone.
The solution would compare activity to a user’s profile would be on the web server or somewhere else on the network. If the percentage of matching activity fell below a per-configured threshold, then the site could ask for the answer to a security question or perform some other type of authentication.
In essence the IBM approach will create a fingerprint of a user. The question is how can this information be used by a company and will this violate the privacy of the user?