Behavioural biometrics

基于行为的生物测定技术

Biometrics/生物统计学

The way you walk

你行走的姿态

Your phone uses your gait and sleep patterns, all in the name of security

你的手机以安全的名义使用你的步态和睡眠方式

词汇

Gait/步法，步态

MOST ONLINE fraud involves identity theft, which is why businesses that operate on the web have a keen interest in distinguishing impersonators from genuine customers. Passwords help. But many can be guessed or are jotted down imprudently. Newer phones, tablets, laptops and desktop computers often have beefed-up security with fingerprint and facial recognition. But these can be spoofed. To overcome these shortcomings, the next level of security is likely to identify people using things which are harder to copy, such as the way they walk.

大多数在线欺诈都涉及身份盗窃，这就是为什么在网上经营的企业对区分冒牌货和真正的客户非常感兴趣。密码对于反诈骗有一定的帮助。但是很多都是可以猜到的，或者是草率地记下来的。更新的手机、平板电脑、笔记本电脑和台式电脑通常都加强了指纹和面部识别的安全性。但这些安全系统都是可以欺骗通过的。为了克服这些缺点，下一个安全级别很可能是识别使用难以复制的东西的人，比如他们走路的方式。

词汇

Fraud/欺骗；骗子；诡计

Imprudently/鲁莽地；不小心地       

beef-up/加强

Spoof/滑稽地模仿；哄骗；戏弄

 

Many online security services already use a system called device fingerprinting. This employs software to note things like the model type of a gadget employed by a particular user; its hardware configuration; its operating system; the apps which have been downloaded onto it; and other features, including sometimes the Wi-Fi networks it regularly connects through and devices like headsets it plugs into.

许多在线安全服务已经使用了一种名为设备指纹识别的系统。它使用软件来记录特定用户使用的小工具的模型类型;它的硬件配置;它的操作系统;已下载的应用程序;还有其他功能，包括它经常连接的Wi-Fi网络，以及它插入的耳机等设备。

词汇

Gadget/小器具；小配件

 

The results are sufficient to build a profile of both the device and its user’s habits. If something unusual is then spotted—say, a bank detects access to an account from a phone with a different profile from that which a customer usually uses—it can take appropriate measures. For example, additional security questions can be posed.

这些数据，手段，足以勾勒出一个设备及其用户习惯的简况了。如果有什么异常的状况被发现了——比如说，银行检测一笔账目资金从手机上打往另一个和该用户平常毫无关联的账户时——它可以采取适当安全的措施（来验证这个操作为本人操作）。例如，可以提出其他安全问题来确保账户。

词汇

Profile/侧面；轮廓；外形；剖面；简况

 

LexisNexis Risk Solutions, an American analytics firm, has catalogued more than 4bn phones, tablets and other computers in this way for banks and other clients. Roughly 7% of them have been used for shenanigans of some sort. But device fingerprinting is becoming less useful. Apple, Google and other makers of equipment and operating systems have been steadily restricting the range of attributes that can be observed remotely. The reason for doing this is to limit the amount of personal information that could fall into unauthorised hands. But such restrictions also make it harder to distinguish illegitimate from legitimate users.

美国分析公司LexisNexis Risk Solutions以这种方式为银行和其他客户登记了逾40亿部手机、平板电脑和其它电脑。其中大约7%被用于某些不当用途。但是，设备指纹识别正变得越来越没用。苹果(Apple)、谷歌以及其他设备和操作系统制造商一直在稳步限制远程观察的属性范围。这样做的原因是为了限制可能落入未经授权人士之手的个人信息的数量。但是这些限制也使得区分非法用户和合法用户变得更加困难。

词汇

Catalogue/把…编入目录

Shenanigan/恶作剧；诡计

Illegitimate/私生的；非法的；不合理的

 

That is why a new approach, behavioural biometrics, is gaining ground. It relies on the wealth of measurements made by today’s devices. These include data from accelerometers and gyroscopic sensors that reveal how people hold their phones when using them, how they carry them and even the way they walk. Touchscreens, keyboards and mice can be monitored to show the distinctive ways in which someone’s fingers and hands move. Sensors can detect whether a phone has been set down on a hard surface such as a table or dropped lightly on a soft one such as a bed. If the hour is appropriate, this action could be used to assume when a user has retired for the night. These traits can then be used to determine whether someone attempting to make a transaction is likely to be the device’s habitual user.

这就是为什么一种新的方法——行为生物测定学正在取得进展。它依赖于当今设备所做的大量测量。这些数据包括来自加速度计和陀螺仪传感器的数据，这些数据揭示了人们在使用手机时是如何握着手机的，他们是如何携带手机的，甚至他们走路的方式。触摸屏、键盘和鼠标都可以被监控，以显示一个人的手指和手移动的独特方式。传感器可以检测手机是放在坚硬的表面上，比如桌子上，还是轻轻地放在柔软的表面上，比如床上。如果时间合适，此操作可以用于假设用户在晚间已进入休息状态。这些特征可以用来判断试图进行交易的人是否可能是习惯于用（差不多是“人机绑定”）该设备的用户。

词汇

Gyroscopic/回转仪的；螺旋仪的

Behavioural biometrics make it possible to identify an individual’s “unique motion fingerprint”, says John Whaley, head of UnifyID, a firm in Silicon Valley that is involved in the field. With the right software, data from a phone’s sensors can reveal details as personal as which part of someone’s foot strikes the pavement first, and how hard; the length of a walker’s stride; the number of strides per minute; and the swing and spring in the walker’s hips and step. It can also work out whether the phone in question is in a handbag, a pocket or held in a hand.

行为生物识别技术使得识别一个人的“独特的运动指纹（指纹在这有“一个人的专属特征”的意思）”成为可能，John Whaley说，他是UnifyID公司的负责人，该公司位于硅谷，从事该领域的研究。有了正确的软件，手机传感器的数据可以显示出个人的细节，比如某人脚的哪一部分先着地，以及有多用力;步行者步幅的长度;每分钟的步数;还有步行者臀部和步幅的摆动和跳跃度。它还能判断出手机是放在手提包里、口袋里，还是放在手里。

词汇

Hip/臀部

 

Using these variables, UnifyID sorts gaits into about 50,000 distinct types. When coupled with information about a user’s finger pressure and speed on the touchscreen, as well as a device’s regular places of use—as revealed by its GPS unit—that user’s identity can be pretty well determined, Mr Whaley claims. UnifyID began offering behavioural biometrics to its clients (which include retail banks, online retailers, delivery companies and ride-sharing firms) in 2017. In time, advertisers will pay for the scoop on individuals’ lifestyle-revealing movements, reckons Mr Whaley, though his firm has no plans yet to expand in that direction.

使用这些变量，UnifyID将步态分为大约50,000种不同的类型。Whaley先生声称，当加上用户在触摸屏上的手指压力和速度信息，以及设备的常规使用地点(GPS单元显示了这一点)，用户的身份可以很好地确定。UnifyID从2017年开始向客户(包括零售银行、在线零售商、快递公司和拼车公司)提供行为生物识别技术。Whaley先生认为，随着时间的推移，广告商将因需要获得每个个体的生活方式的信息而付费，尽管他的公司还没有向这个方向扩张的计划。

词汇

Scoop/勺；铲子；独家新闻

The lidless eye

不断注视的眼（有道翻译有这个词组对应的翻译——无脸之眼，但我觉得不恰当）

Lidless/无盖的；注视的；无眼睑的

 

Behavioural biometrics can, moreover, go beyond verifying a user’s identity. It can also detect circumstances in which it is likely that a fraud is being committed. On a device with a keyboard, for instance, a warning sign is when the typing takes on a staccato style, with a longer-than-usual finger “flight time” between keystrokes. This, according to Aleksander Kijek, head of product at Nethone, a firm in Warsaw that works out behavioural biometrics for companies that sell things online, is an indication that the device has been hijacked and is under the remote control of a computer program rather than a human typist.

此外，行为生物识别技术不仅可以验证用户的身份。它还可以检测可能正在进行欺诈的情况。例如，在有键盘的设备上，一钟警告信号是当打字呈现断奏风格时，按键之间的“飞跃时间”比通常手指的“飞跃时间”更长。华沙Nethone公司的产品主管亚历山大•基耶克(Aleksander Kijek)表示，这表明该设备已被劫持，并处于电脑程序的远程控制之下，而不是人类打字员的控制之下。Nethone是一家为在线销售产品的公司设计行为生物识别技术的公司。

词汇

Staccato/断奏的，断音的

Hijack/拦路抢劫；抢劫

On a device with a touchscreen rather than a keyboard, however, the reverse is true. Most people type with their thumbs on touchscreens, so flight times between keystrokes are longer. In this case, therefore, it is short flight times which are a signal of something suspicious going on—for example, that a touchscreen device is actually being operated remotely, using the keyboard of a laptop.

然而，在带有触摸屏而非键盘的设备上，情况正好相反。大多数人用拇指在触摸屏上打字，所以按键之间的飞跃时间更长。因此，在这种情况下，很短的飞跃时间是可疑事件发生的信号——例如，触摸屏设备实际上是使用笔记本电脑的键盘远程操作的。

 

Used wisely, behavioural biometrics could be a boon. As Neil Costigan, the boss of BehavioSec, a behavioural-biometrics firm in San Francisco, observes, the software can toil quietly in the background, continuously authenticating account-holders without badgering them for additional passwords, their mother’s maiden name “and all that nonsense”. UnifyID and an unnamed car company are even developing a system that unlocks the doors of a vehicle once the gait of the driver, as measured by his phone, is recognised.

如果使用得当，行为生物识别技术可能会是一个福音。正如旧金山行为生物识别公司BehavioSec的老板尼尔•科斯蒂根所观察到的那样，该软件可以在后台悄无声息地工作，持续对账户持有人进行身份验证，而无需麻烦他们提供额外的密码、母亲的娘家姓以及“所有那些废话”。UnifyID和一家不知名的汽车公司甚至正在开发一种系统，一旦识别出司机的步态(通过他的手机测量)，就可以解锁汽车的车门。

词汇

Toil/辛苦工作；艰难地行进

Authenticate/鉴定；证明…是真实的

Maiden/未婚的

Used unwisely, however, the system could become yet another electronic spy on people’s privacy, permitting complete strangers to monitor your every action, from the moment you reach for your phone in the morning, to when you fling it on the floor at night.

然而，如果使用不当，该系统可能会成为另一个监视人们隐私的电子间谍，让完全陌生的人监视你的一举一动，从早上你拿起手机的那一刻，到晚上你把手机扔在地板上的那一刻。