A biometrics-based security firm has released a free platform to help smaller businesses move towards identity-based authentication.

AimBrain’s product is designed to replace more traditional methods of security, such as passwords and PINS, with biometric-based security. It sells to customers that run services like online banking apps.

It has always used open-source software development kits (SDKs) and now it has released a free-for-life platform aimed at ‘entrepreneurs, app developers and technical audiences.’

Targeted at smaller companies, the platform has a limit of 1,000 API calls a month. “This is more than enough for a small business; above 1,000 and we’re getting into corporate territory. To put it into perspective, 1000 API calls equates to someone ringing you every 43 minutes for a month,” said AimBrain CEO and co-founder Andrius Sutas.

Commenting on the decision to make the platform free for smaller businesses, Sutas continued: “The current consumption model is not attractive to those building the businesses of tomorrow.

“We realised that there are many smaller businesses or creative individuals that don’t need hand-holding or to be dragged through the typical sales cycle; they know what they’re doing and just want to use the technology without interference.” It will also, of course, be advantageous for the company to gain many more users who may eventually upgrade to a paid model.

Put into further context, the cap of 1000 API calls per month would suit a small organisation, according to AimBrain, given that a business with an app that has a user base of 500 of whom 20% log in weekly and 80% monthly would use 800 requests.

AimBrain’s technology works in conjunction with app security. It works by setting a threshold of acceptable behaviour and if a user goes below that threshold – which AimBrain assesses by looking at information like typing speed, or touch pressure, or many other metrics – it will work with the bank to ask the user for further authentication. This all happens without user interference, until the point at which authentication is required.