Project Details
Description
The main objective of this project is to develop a cost-sensitive approach to authenticate in real-time the identity of a user who wishes to proceed to a next step in a dynamic process (e.g., gaining access to an information system, placing an online order or bid, validating a decision in a business or audit process, confirming a payment transaction, etc.), and to deliver a proof-of-concept of the newly developed methodology.
Current authentication procedures are often ill-adapted to the current needs of an increasingly digital society. Outdated security procedures that are poorly adapted to online transactions can cause security risks that allow sensitive data to be breached or losses due to fraudulent transactions. Improving these procedures is no small task and requires a significant investment and ongoing commitment by the involved organizations. The history of electronic payment systems [CACM, 2014] has clearly demonstrated that transaction security is a continuing struggle between security researchers and fraudsters both developing new techniques and countermeasures.
At the same time, it is important to consider the business impact of authentication methods. While allowing fraudulent transactions to proceed will cause a company to incur direct losses, being overly stringent and denying genuine transactions also comes at a cost, both in lost revenue and possible repeat business. Overly complex procedures that aim to combat these losses may be difficult and costly to implement or drive away customers as they require too much effort from the end-user. Therefore, it is important not just to optimize security, but also to take into account the economic impact of security decisions during authentication.
The main objective of this project is to develop a cost-sensitive approach to authenticate in real-time the identity of a user who wishes to proceed to a next step in a dynamic process (e.g., gaining access to an information system, placing an online order or bid, validating a decision in a business or audit process, confirming a payment transaction, etc.), and to deliver a proof-of-concept of the newly developed methodology. This overall goal can be decomposed in the realization of following sub-goals:
1. A general technical framework for authentication.
2. A secure and cost-effective method to combine authentication systems.
3. An adaptive method for deciding the required level of authentication for a transaction.
4. A business perspective towards authentication.
5. Proof-of-concept of a cost-sensitive, online authentication system.
Current authentication procedures are often ill-adapted to the current needs of an increasingly digital society. Outdated security procedures that are poorly adapted to online transactions can cause security risks that allow sensitive data to be breached or losses due to fraudulent transactions. Improving these procedures is no small task and requires a significant investment and ongoing commitment by the involved organizations. The history of electronic payment systems [CACM, 2014] has clearly demonstrated that transaction security is a continuing struggle between security researchers and fraudsters both developing new techniques and countermeasures.
At the same time, it is important to consider the business impact of authentication methods. While allowing fraudulent transactions to proceed will cause a company to incur direct losses, being overly stringent and denying genuine transactions also comes at a cost, both in lost revenue and possible repeat business. Overly complex procedures that aim to combat these losses may be difficult and costly to implement or drive away customers as they require too much effort from the end-user. Therefore, it is important not just to optimize security, but also to take into account the economic impact of security decisions during authentication.
The main objective of this project is to develop a cost-sensitive approach to authenticate in real-time the identity of a user who wishes to proceed to a next step in a dynamic process (e.g., gaining access to an information system, placing an online order or bid, validating a decision in a business or audit process, confirming a payment transaction, etc.), and to deliver a proof-of-concept of the newly developed methodology. This overall goal can be decomposed in the realization of following sub-goals:
1. A general technical framework for authentication.
2. A secure and cost-effective method to combine authentication systems.
3. An adaptive method for deciding the required level of authentication for a transaction.
4. A business perspective towards authentication.
5. Proof-of-concept of a cost-sensitive, online authentication system.
| Short title or EU acronym | C-CURE |
|---|---|
| Acronym | BRGIMP2 |
| Status | Finished |
| Effective start/end date | 1/03/15 → 30/09/18 |
Keywords
- - Technology
- - Statistics
- - Operational Research
- - Business
- - Informatics
Flemish discipline codes in use since 2023
- Design of experiments and sampling techniques
- Biostatistics, statistical methodology in epidemiology and public health
- Time series and spatial modelling
- Computational statistics
- Statistical data science
- Large and complex data theory
- Statistical theory
- Forensic evaluation, inference and statistics
- Stochastic analysis and modelling
- Industrial statistics
- Statistics not elsewhere classified
- Official statistics
- Statistical methodology in social, behavioural and educational sciences
Fingerprint
Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.