Impact: We built a one-of-a-kind solution that gave our client a competitive advantage and helped it sign up a number of big enterprise customers.
What’s the app for?
Smart Login is an application that ensures enterprise security. Even the longest passwords with numbers and symbols are quite weak in large organizations. The business information locked behind login credentials can be literally priceless, so attackers focus their efforts on this kind of data first. We created Smart Login as a solution to this challenge. It collects individual behavioral biometrics data, such as the delay between keystrokes for a particular person, to ensure secure authentication.
The method we implemented looks like the standard Windows login screen and doesn’t require any additional actions from the users.
It collects individual behavioral biometrics data, such as the delays between keystrokes for a particular person, and sends this information to the backend, where the AI analyzes it for common patterns and creates the user’s biometric profile. Each subsequent login is matched against this profile. So if anybody manages to steal the credentials, access won’t be granted because the behavioral patterns don’t match. The AI keeps learning and adapts to changes in the user’s behavior, for example if he or she starts to enter the password faster over time.
The application serves as an extra layer of security after the standard Windows user password check.
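The enroll, match and adapt loop described above, sketched as an added example (not EXISTEK's code). The z-score matching rule, the adaptation rate, the threshold and all timing values are assumptions constructed for illustration; the page does not say which model the product's AI uses.

```cpp
#include <cmath>
#include <cstddef>
#include <vector>

using Sample = std::vector<double>;  // delays between keystrokes, in ms

// Hypothetical per-user profile for one fixed password: mean and variance
// of each inter-key delay, adapted after every accepted login.
struct KeystrokeProfile {
    Sample mean, var;
    double alpha = 0.2;      // adaptation rate (assumed value)
    double threshold = 2.0;  // highest accepted mean |z| (assumed value)

    explicit KeystrokeProfile(const std::vector<Sample>& enroll)
        : mean(enroll.at(0).size(), 0.0), var(enroll.at(0).size(), 0.0) {
        for (const Sample& s : enroll)
            for (std::size_t i = 0; i < mean.size(); ++i) mean[i] += s.at(i) / enroll.size();
        for (const Sample& s : enroll)
            for (std::size_t i = 0; i < mean.size(); ++i)
                var[i] += (s[i] - mean[i]) * (s[i] - mean[i]) / enroll.size();
    }

    // Mean absolute z-score against the profile; lower means closer.
    double score(const Sample& s) const {
        if (s.size() != mean.size()) return INFINITY;  // length mismatch never matches
        double total = 0.0;
        for (std::size_t i = 0; i < s.size(); ++i)  // +25.0 = 5 ms floor on the spread
            total += std::fabs(s[i] - mean[i]) / std::sqrt(var[i] + 25.0);
        return total / s.size();
    }

    // Only accepted samples update the profile, so rejected attempts
    // cannot pull it toward an impostor's rhythm.
    bool verify(const Sample& s) {
        if (score(s) > threshold) return false;
        for (std::size_t i = 0; i < s.size(); ++i) {
            double d = s[i] - mean[i];
            mean[i] += alpha * d;
            var[i] = (1.0 - alpha) * (var[i] + alpha * d * d);
        }
        return true;
    }
};

// Constructed enrollment data: three typings of the same password.
KeystrokeProfile sampleProfile() {
    const std::vector<Sample> enroll = {{120, 95, 180, 140}, {130, 90, 170, 150}, {125, 100, 175, 145}};
    return KeystrokeProfile(enroll);
}
```

With this constructed data, a user who types 3 ms faster at every login stays accepted because the profile follows the drift, while the same final timing presented to the original, unadapted profile is rejected.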
Security admin panel
The pillars of enterprise cybersecurity are centralized control of access to each workstation, logs of login attempts, user management, automatic monitoring of suspicious activity, and the ability to restrict access remotely.
To provide customers with this functionality, we needed to enable quick and reliable transfer of this data to the admin panel, which gives access to the whole system and its accumulated data.
This tab provides administrators with the statistics related to authentication. It shows the number of authentications performed during a particular period of time, including both successful and failed attempts. In addition, it presents the data on continuous authentication, which is the user behavior from the whole session: from login to logout.
Behavior check settings
Through the admin panel, administrators can make the verification more or less strict. They can enable all layers of authentication, such as keystroke and mouse biometrics, or disable them for a particular user or in general.
Administrators always have up-to-date information on all system users and statistics about their behaviour. The AI component determines the level of risk posed by an authentication attempt. This data is recorded in the user’s personal account.
Who we build for
- Modification of the Windows login screen service and interface for the additional authentication method
- Interception of the keystrokes metrics on the Windows user login screen
- Add-on development and integration with the Windows login security service for two-factor authentication
- Integration with the backend AI-based service to collect, analyze and store the biometrics data
- Integration with the administration dashboard for the complete system management
Integration with Windows Hello Authentication Screen
We needed to integrate with the Windows security service through the Credential Provider feature (ICredentialProvider, ICredentialProviderCredential2) and make the integration with the Windows login screen invisible to users.
We also implemented a Windows Installer (MSI) package using WiX, which installs the custom Credential Provider on a target machine either manually or through a group policy deployment.
- Windows login screen modification for an additional authentication method
- Implementing two-factor authentication
- AI-based backend service for data analysis
- Admin panel development
- We assigned a dedicated business analyst and project manager
- Performed more than 10 requirements analysis calls
- Produced diagrams and supplementary files to add to the SRS document
- A Software Requirements Specification (SRS) document
- A System Architecture Document and a Database Design
- The final estimation of the project timeline and cost
- A detailed project plan with milestones and sprints
SRS Document Contents
- User stories
- Acceptance criteria
- Business rules
- User roles
- Database design
- System architecture
Development and testing
As we needed to access the Windows login feature, the frontend technology choice naturally fell on WPF and Windows Forms. We also needed a reliable and secure backend. For this, we chose C++, which has proven itself to be a credible technology.
C++ takes 10th place among the most popular languages
professional developers use C++
popular languages can be used to program for the Windows platform
IDE - Visual Studio - is used for WPF
tasks in Jira visible to the client
people can use Jira simultaneously
Technologies used by
Predictability is highly appreciated when we’re speaking about the project plan. Understanding the timeframes of each milestone and sprint gives the feeling of stability and security, which is valuable for the client and for us. EXISTEK takes no prepayments for milestone planning until all development steps are accepted by the customer.
The dedicated team model has long proved its effectiveness. We offer a team of specialists that have already worked together on numerous projects, and know what organizational approach will be the most suitable for them and will lead to the quick result delivery.
How we ensure visibility for the client
We try to make the development process as transparent and understandable for the customer as possible. We achieve it by keeping constant communication with them, reporting the performed work, and sharing our plans for each sprint and milestone.
Our goal was to create an enterprise app that provides more security than long, complex passwords. It had to protect the system from malware, social hacking, phishing, brute-force attacks, leaks of password databases, and other uncommon threats.
Leveraging our unique expertise in desktop operating systems architecture, we helped to develop a robust product that completely eliminates those potential threats to enterprise cybersecurity. Besides everything else, we managed to complete the almost impossible task of modifying the Windows login feature and successfully integrating it into the innovative security software platform.
Design & documentation
Launch & support