The probe analyses the operations done by a user (an insurance agent or a customer) on an insurance service mobile app. The service is activated to check the identity when a person enters the login page on the mobile app; when this happens, the camera embedded in the mobile device detects the image of the user’s face by registering a short video. The first authentication step is based on the biometric features of the registered face, that are compared to the faces registered in the app database. If the face is recognized, the backend server of the app returns the username which is associated with it, and the user types the password. The second authentication system checks the credentials and sends back to the mobile app an “OK / KO” feedback. In case the detected face is not recorded in the database, or the typed password is incorrect, an error message is sent to the FINSEC Data Collector, triggering an attack alarm.
The probe comprises two hardware parts (the camera embedded into the mobile device and the back-end server) and some software modules (the user’s mobile app, the authentication system, the face recognition system and the app database), combining the physical and cyber threat levels into an integrated element. The high-level architecture of this probe is shown in the figure below.