Aegis: A Biometric Security Solution

31 October 2000
Inventors often struggle to develop an effective tool only to find that the simplest one works best. The same premise applies to Internet security tools, such as a new biometric tool developed by Inroad Solutions, a Canadian Internet security and e-learning firm. In its quest to ensure that the right student was taking a test online, the company created a simple yet effective solution: Aegis.

Named for the Greek tool or shield used for security, Aegis is a biometric authentication application that constantly monitors a person's keyboard stroke pattern when inputting their user information and password to access a particular site.

The challenge in developing the extraordinary tool was extracting a pattern from a small amount of data, explained Anthony Basset, Inroad's director of media operations. Researchers spent two years developing the technology, using different mathematical approach to develop the strongest pattern of keyboard usage. After whittling through three models, Inroads researchers found one approach was particularly effective. The final solution, Basset explained, uses an artificial intelligence model to record each log on into the user's profile. It seems that over time the user pattern changes ever so slightly. The application accounts for the subtle changes, refreshing the sample so that it remains effective over time.

Aegis' simple yet effective approach impressed eSuccess officials, who called it an "exciting product." The two companies have recently signed an interim agreement for eSuccess to be the exclusive provider of Aegis to the interactive gaming industry. "We thought it (Aegis) was synergistic with our products," explained Rob Sutherland, eSuccess' director of risk management. The company will integrate the Aegis solution with Citadel, a fraud prevention tool for e-commerce transactions. (The two companies introduced their joint efforts during the recent World Gaming Congress in Las Vegas.)

"We like the whole concept of being able to identify the user easily without installing software on the users' computer. This product just adds that extra layer of protection," Sutherland said. Additionally, Sutherland called Aegis "a significant addition to fighting the age control issue." While children could still steal information from their parents and set up their own account, the Aegis tool would prevent those same children from using their parents' own gaming accounts.

"This exists well with eSuccess' existing controls," agreed Bassett. Aegis can be used for logins, credit card transactions, chip purchases and other purposes. "It's very flexible," he explained. It's also simple for both the gaming site and the player to use. Operators of a gaming site install the 1 MB application on their server. "The administration controls are very easy to use, the databases are strong and easy to read," Bassett added. Once Aegis is installed, operators can track readouts of log ins and check other records. Plus, an outside server stores a copy of the password information and serves as a central location providing redundancy services. Plus, users can easily go to different sites that utilize Aegis.

Aegis is even easier to use for the player. Upon visiting a site that uses the Aegis solution, the application is automatically installed on the player's computer, taking only 240 KB in hard drive space, and it works with any browser. The users provide a biometric sample pattern, entering their information seven to ten times. On subsequent uses, three chances are given for the player to succeed during log in efforts. Depending upon how the gaming site has set their strength controls, one of three scenarios could ensue. One, the player could be prevented from playing. Two, the gaming site operator would be flagged regarding a suspicious log in. Finally, the player could be allowed to play. These options are possible because Aegis allows the operator determine how weak or strong to set the controls.

"No security application is 100 percent reliable," Bassett admitted. "It's (Aegis) a layer of security used in combination with other security applications." The more layers of protection, the more robust identification can be made regarding Internet fraud.

The Aegis application can be sampled at (Click the demo link.)

Vicky Nolan joined the IGN staff in October 1999. She's best known for inventing fire, the wheel and swiss cheese. She can be reached at