Distinguishing between a criminal and an honest person when both enter valid information on a credit application has been a successful application of behavioral biometrics for almost 10 years. Using behavioral biometrics as a second authentication form factor to secure online bill payments and ecommerce transactions is a new application of that technology.
BioCatch is first to market with a product. Criminals behave differently than honest individuals. When they use computer programs, the data entry process goes too quickly, which is a red flag. Alternatively, when they manually enter data, they go slower than a valid consumer.
How they handle function keys, make swipes, how hard they press on keys and when they take keyboard shortcuts (scrolling, tabbing, pasting) often gives criminals away. One behavioral factor that strengthens prediction
of a valid user is auto-fill.
BioCatch has tested its web-based physical and cognitive behavioral biometrics with several bank clients in Europe. The challenge was to see if there was enough baseline information to successfully identify a person
using only the limited keystrokes a cardholder needs to execute the 3DSecure protocol for ecommerce payments.
That data was supplemented with BioCatch technology that can determine the age of a person inputting data, which is a strong predictor of a valid user. The final step in BioCatch’s three-layer approach incorporates the company’s devicerecognition technology, which incorporates geolocation, IP address, device features and network information. All steps have to comply
with the consumer privacy requirements tied to strong customer authentication in the European Union’s PSD2 regulation.
BioCatch, which has over 50 customers worldwide, has been granted over 60 patents. Customers use one or more of the company’s products to prevent new account and account takeover fraud as well as to detect social
engineering voice scams. The first bank to deploy BioCatch technology to comply with strong customer authentication requirements will be live by the end of this year in the U.K. The company has received over $200 million
in funding, including $145 million in a Series C round last year led by Bain Capital Tech Opportunities.
Source Nilson Report
