Hartford Conn.-based Aetna added behavior-based security measures to its customer-facing Aetna Mobile app, The Wall Street Journal reports.
The app will continuously monitor user behavior, such as a user's location or how a user holds their phone. The app will feed these attributes into a risk engine, which uses machine learning to assess a user's risk score.
When a user interacts with the device in a significantly different way than is typical, the app will request another form of authentication — like a password or fingerprint — and may restrict certain functions. It will take the app roughly one to two weeks to identify a user's normal behavior.
Aetna will allow users to continue using a traditional password if preferred. However, traditional security procedures will be "relaxed" for other users as the behavioral model improves, according to The Wall Street Journal, meaning users may be able to automatically access the platform's functions after opening the app.
The shift toward behavior-based security is one of Aetna's attempts to address cybercriminals' increasingly sophisticated attacks, Aetna Chief Security Officer Jim Routh told The Wall Street Journal.
"The reality is the industry is getting more and more account takeover attempts," he said.