No. It doesn’t need to. Sentegrity only runs to protect subscribed enterprise applications. It can detect if there are other malicious apps or processes but it does this in a way that doesn’t require access to any personal data or apps.
All analysis is conducted locally and using tokenized data. That means no one — not us, not the enterprise, not the government, not an attacker — can extract the actual values of your location, device use or any other data point we use.
Sentegrity is only interested in variance. (i.e., Are you doing what you normally do?”) That information is enough for Sentegrity’s machine learning to authenticate you and provide the enterprise with insight into the risks of their mobile environment.
No. Sentegrity is automatically invoked by the accessed applicaiton without any user intervention required.
Unlike other integrity detection products Sentegrity runs only when you access protected enterprise applications so it won’t drain your battery or eat up precious system resources.
An average assessment using the Sentegrity app takes less than 1 second, so you’ll barely know it’s there.
Sentegrity’s behavioral biometrics engine profiles user behavior to determine the probability of device theft. Sentegrity can be configured to employ a number of authentication mechanisms in various combinations based on the results of behavioral analysis. That way, the strength of user authentication is proportionate to the risk of granting access to the Good application. Sensitve apps in high-risk situations can employ more secure methods than non-sensitive apps under historically safe conditions.
Sentegrity supports iOS and Android.
Sentegrity for Good is integrated into the core operations of the Good Dynamics ecosystem as a Trusted Authenticator (i.e. Sentegrity installs on a Good Dynamics device and immediately begins operating as the authentication gateway to the Good Ecosystem for all Good apps).
As a Trusted Authenticator, Sentegrity has been granted special privileges by BlackBerry to replace Good’s existing authentication mechanism. To obtain these privileges, Blackberry/Good Technology have rigorously vetted Sentegrity’s security, usability, and authentication capabilities and require a new evaluation with release of Sentegrity for Good.
Any third party application can be wrapped using the Good Dynamics application wrapper functionality. Once an application is wrapped, it can be deployed onto the user’s device and it will be protected by Sentegrity like all other ecosystem applications.
Sentegrity is designed to accept any form of authentication that a customer desires, but our core, patented, operations are not extensible for security purposes. Any new authentication method can be integrated into Sentegrity’s security model and, using enterprise policy, assigned a TrustScore range in which it will be activated.
Sentegrity’s device integrity TrustFactors align with NIST’s 800-163 “Technical Considerations for vetting 3rd party mobile applications” and OWASP Mobile Project Standards. All dashboard communications occur over NIST 800-52 HTTPS/TLS standards using private certificate pinning and data-level encryption to prevent interception.
Yes. Sentegrity is FIPS140-3 compliant and all encryption modules employ AES-256.
Sentegrity for Good currently requires a secure container for full functionality and operates on iOS and Android platforms. Mobile devices also house the sensors needed to build behavioral baselines for transparent authentication. While Sentegrity’s current solution is mobile only, we do have development plans to extend hard biometrics authentication to Good’s desktop product.
FAR and FRR rates vary based on the authentication methods selected and specific combination hard/soft biometric modes. Transparent authentication has variable FAR/FRR rates based on how aggressive the enterprise policy is configured.
Does Sentegrity use liveness detection for modes where biometric authentication can be faked (e.g., fingerprints, face)?
Sentegrity’s behavioral biometrics provide a unique form of universal liveness detection. In a ‘step up’ authentication scenario, some hard biometric modes (e.g. face, voice, etc) will also perform additional liveness detection.