enterprisesecuritymag

Uniken: Augmenting Human Intelligence to Security

Bimal Gandhi, CEO, UnikenBimal Gandhi, CEO
Multi-factor authentication (MFA) has taken center stage in light of recent incidents of cyberattacks and security breaches, yet its acceptance is still not as prevalent as it should be. Thus, the number one impediment to security is that security oftentimes does not take the human element into account, i.e., the solutions are not designed to be intuitive for the customer or the end user to use. Breaking the mold is Uniken, a security solutions provider that is more than just MFA, as the company believes in a full defense-in-depth approach built around human-centric MFA.

From a business perspective, the most important thing for customers is the ability to do things in a simple fashion. Customers should never worry about security nor have their information or money compromised. Consistent experience is also vital, as the experience should remain the same across all channels. Uniken provides a simple, scalable, and affordable solution encompassing these requirements. The company offers an “amazing” omnichannel experience that is consistent across mobile, web, call center and chat. “At the end of the day, we let the customer interact with the business on their terms and their preferred channel, making security invisible and frictionless,” adds Uniken’s CEO, Bimal Gandhi.

For the process, the core requirement is having an MFA, but one that is invisible. Uniken achieves this via its mobile-first solution, REL-ID, as mobility has become a dominant interaction model in today’s systems. REL-ID allows Uniken customers to create a better security model. The company has built an MFA mechanism that relies on a combination of multiple aspects, including biometrics, device identity, app identity, and a cryptographic model for a split-symmetric key—a half key that lives on the device and uniquely identifies the user’s biometric app identity and device combination.

At the end of the day, we let the customer interact with the business on their terms and their stipulations on security


REL-ID has these different factors in play, and from a user’s perspective, all they have to do is open the app and provide their biometric signature to log in. For the end user, it is a simple and seamless experience, seeming like one factor. Under the hood, however, the systems are checking the device trustworthiness, and then verifying the biometric id, the app id, the device ID and the cryptographic material on the device against the corresponding pairs on the service side. All of these factors combine for strong Mutual MFA (MMFA) and an encrypted connection without putting the burden of complexity on the end-user.

In the case of a recent banking customer, the client was facing quite a unique challenge. An increase in fraud was being perpetrated through their mobile channel, after rolling out their mobile app into the marketplace. The customer was quick to note a lot of fraudulent requests coming in, and that their pre-invested security solutions were incapable of securing their mobile channels. Having deployed REL-ID, they had considerably reduced fraud, and the customer’s CIO was effusive in praise. According to the CIO, Uniken’s solution was beyond their expectations, and they are now looking to expand the use of it in their corporate environment, seeing that they have enough data points to show that Uniken has dramatically impacted the bottom line.

The company sees the next evolution of their technology, progressing under development. Uniken continues to push its boundaries geographically but also sees itself adapting to a more wholesale solution, drawing further inputs from retailers, moving forward from a channel perspective. Gandhi adds, “We may be in the top ten of MFA, but our customers get much more than just that from us— they get a full sense of the depth of the security they have.”