BioCatch is once again detailing the security benefits of behavioral biometrics in the banking industry, this time explaining how the technology can help spot cybercriminals before they even try to initiate a fraudulent transaction. To that end, the company noted that fraud is seldom limited to a single session, and that a fraudster will often log in at least once before moving forward with an actual scheme.
According to BioCatch, that initial login is essentially a scouting mission, insofar as the fraudster is trying to test credentials and familiarize themselves with an account before doing anything that would trigger any kind of notification. They will instead gather information and leave after a short time, with plans to come back later to commit a crime.
Fraudsters are able to lurk in such a fashion because many security systems – including some behavioral systems – only analyze specific events, such as logins, transactions, or address changes. Such systems are blind to anything that happens in between those discrete events, which creates plenty of room for criminals to move around undetected. However, those early sessions do give financial institutions a chance to act before any money is lost, if they can find a way to pull back the curtain and look at in-session user activity.
That’s exactly what BioCatch’s behavioral biometrics platform was designed to do. The solution offers continuous passive authentication, analyzing factors like scroll speed and mouse activity to build a profile of each user, even when they are not directly engaged in a financial exchange. With such a system, banks can tell when a different person has gained access to an account, either because that person is not familiar with the data, logged in with a different device, or displayed anomalous behavior, as in the case of pasting credentials instead of typing them in.
From there, the bank can take follow-up action to make sure that the account is safe the next time the fraudster tries to log in. Doing so will reduce overall fraud losses for banks and consumers, even as the volume of digital transactions increases in the years ahead.
April 19, 2021 – by Eric Weiss