Some of the most powerful biometrics and identity-centric security in financial services is invisible. As fraudsters become more sophisticated, banks must increase security while protecting their customer’s user experience and finances. Behavioral security solutions, like those offered by ThreatMark, operate in the background of sessions, keeping users safe and blocking fraudsters without sacrificing a convenient, frictionless experience.
In this interview with FindBiometrics Founder Peter O’Neill, Michal Tresner, CEO of ThreatMark, discusses the genesis of his company’s behavioral approach to anti-fraud technology, and the new wave of social engineering attacks it’s helping banks thwart. The interview goes on to highlight how ThreatMark is different from other fraud prevention vendors, delving into the multiple layers of user behavior its solution uses for continuous authentication– including biometry. There is talk of digital transformation, the effects of COVID on the fraud landscape, and a preview of what’s next for ThreatMark in this enlightening interview.
Read the full FindBiometrics interview with Michal Tresner, CEO, ThreatMark:
Peter O’Neill, Founder, FindBiometrics: How did you end up in the anti-fraud space?
Michal Tresner, CEO, ThreatMark: We started as a provider of threat detection solutions for online banking. But soon we found out that, as with most of the security solutions out there, it is kind of a cat and mouse game—where banks are constantly trying to catch future attacks based on the fraudster’s or attacker’s past behavior.
That approach is not very effective, and it brings a lot of false positives. So, we came up with a revolutionary idea to precisely map out the behavior of legitimate users and to make sure that any anomaly in that behavior is precisely assessed and reported.
Only that approach is stable through time, in fact, and it is also successful in identifying even future fraud, fraud types, or fraud schemes. All while keeping the best possible user experience for the legitimate users.
Peter O’Neill: What are the biggest challenges you’re solving for your customers?
Michal Tresner: We are now primarily working with banking customers, and it seems that each bank is having different challenges. New attack types are emerging every day, specifically during the COVID pandemic. Today, quite often, it is some form of social engineering, such as phishing or vishing (quite often called tech-support scam), that is very hard to tackle.
However, through our complex approach of deep behavioral profiling, which is supported by behavioral biometrics, we’re able to spot even such types of fraud cases.
Beyond threats, banks are usually overwhelmed with false positives. Even those banks which have sophisticated threat management tools set up. What we see is that their fraud teams are dealing with transaction alerts that need to go through manual review, and then they go to call center verification and so on. And all that causes quite a high cost for the bank, as well as friction for the banking users.
Additionally, banks are also looking at solving regulatory issues, such as PSD2 Strong Customer Authentication and fraud monitoring, or similar BDDK regulation in Turkey—which we are also able to help them in full.
And one other thing could be a 3D Secure authorization of card payments, which nowadays are required to go through a strong customer authentication or authorization. And through our behavior profiling and behavior biometrics, we can help with that authorization while increasing the user experience as well.
Peter O’Neill: You covered a lot of very interesting topics during that last response, and I’d like to explore a little bit deeper on some of them. First of all, how has the pandemic affected your business? Secondly, we just completed our 18th annual Year in Review, and the industry is telling us that phishing attacks, and other fraud attacks are hugely on the increase, which makes sense to us. Are you finding that? How are you dealing with all that?
Michal Tresner: Yes, this COVID pandemic is definitely bringing a lot of acceleration to digitalization, that’s for sure. And that is valid, not only for banks, it’s visible in all verticals that we are trying to deal with.
The pandemic provides a perfect opportunity for fraudsters and scammers, leveraging fear from the pandemic and urgency, to deliver their malicious code and manipulating their victims through ever-changing, social-engineering-based fraud schemes.
In online banking specifically, we see a dramatic increase in threats. We have a Security Operation Center that was able to identify and mitigate 400 percent more phishing attacks during 2020 than during the previous year, which is quite a dramatic increase. We also see a lot of social engineering with a focus on account takeover; aiming for a payment fraud, money being stolen, basically.
Such complex attacks could be drastically mitigated if banks would have implemented threat protection that provides early warning, prevents account takeover through strong user verification, and performs transaction risk analysis under one analytical roof. And that’s actually what we are bringing to the market.
Peter O’Neill: Can you please talk a little bit more about your deep behavioral profiling and biometrics and, how do you stand out in the crowd? How are you different? What are you bringing to the table?
Michal Tresner: Our approach is quite different from other fraud prevention vendors out there. We combine the largest amount of user behavior patterns and context of actions performed by the online user under one analytical roof. So, we look at things like the location of the user, a device that he has been using before, the time of past behavior or past interactions, the date of those interactions, etc.
We also look at user navigation patterns when working with the application. We look at his typing style, typing cadence. Look at his swiping when using a mobile phone, for example.
Additionally, we added spending behavior to the context so we understand what represents a typical spending behavior of each user in the online banking systems. And all the behavior patterns and contextual patterns we process come together one analytical roof, where machine-learning-based algorithms are trying to find out which of those behaviors would be considered suspicious for that user.
And this way we can provide a multi-layered approach and continuous authentication and authorization that brings great fraud prevention capabilities while improving the user experience at the same time.
Peter O’Neill: So, basically, you’re using behavioral biometrics and then layering on top of that?
Michal Tresner: We understand behavioral biometrics as only one of the features of the very complex behavior of an online user. So, we combine multiple levels of behavior, multiple types of behavior under one analytic engine, and behavioral biometry being only one of those types.
Peter O’Neill: What does this all mean for the end-user? If for example, I am using my banking app, what does it mean for me personally?
Michal Tresner: So, you being able to transact – in a much more secure way than if the protection wouldn’t be in place for a particular bank – without any hindrance to your experience.
Our capabilities provide an invisible authentication and authorization layer to the whole customer journey. So, it is quite interesting to say that the only visible thing for the user is an invisible substance of our solution, but it is true. So, while being protected by our solution, we can continuously verify your identity and the context of operations, and if the risk is low, we continuously send that information to the bank and the bank would then not bother you with any additional authentication steps or authorization steps for the payment; or any active operations.
In a nutshell, your customer journey has a much better user experience; It’s completely frictionless. And while only providing a login and password to the bank, you are still being verified by some invisible protection layer. And protected from outside threats – malware, phishing, vishing, web injects and others – at the same time.
Peter O’Neill: That’s very interesting, Michal. We’ve been following the biometric journey through financial services for about 10 years now. And it’s just really been about the last five where it has really started to take off, including biometric credit cards that are coming to the market very soon. So financial services make a lot of sense for the types of products and services you offer. Beyond that, what other vertical markets is your technology good for?
Michal Tresner: For the last five years, we are targeting financial institutions and banking primarily because we saw a very, very strong need for a sophisticated user identity verification and fraud prevention solution for the banking industry.
But, also accelerated by COVID, we see a very high level of digitalization across industries. And I have to say that primarily the regulated industries are on our radar, so anyone who needs to go through a PSD2 regulation, any KYC checks, or any banking specific procedures or regulations are our target customers from the perspective of the advanced protection mechanism.
So right now, we are starting to work with financial institutions that are offering some, let’s say, new products through an online channel or new customer journeys are opened up through an online channel. This could be, for example, be a fully online account opening procedure that not only banks are providing, but also other verticals or other industries or businesses are providing.
And through this online account opening process, we see a great uptick in the amount of fraud. Fraudsters are trying to present fake user details or synthetic identities, with the goal of scamming the companies. And we believe that our approach, specifically the deep behavior profiling supported by behavioral biometrics, has a dramatic impact on the ability to increase the chance for the industry or for the business to detect synthetic identities or fraudulent account openings.
Peter O’Neill: I guess that covers all the big online players, and retail also comes to mind. Everybody’s now not going to a brick-and-mortar store and what we’re finding is that this is all happening very fast. The other industry that I think your technology would be excellent for – and is, as you mentioned, highly regulated – is insurance and legal. These are industries that are really struggling right now to figure out how to do business without in-person interaction. Healthcare is another marketplace that we see as a fair bit behind financial services, for example. But right now, they’re faced with quite a dramatic need to try and do remote doctor visits, remote prescription, where it’s very, very critical that you have to ensure that you’re dealing with the right person.
Michal Tresner: Yes, that’s absolutely right. We see that any industry out there, and specifically during these quite complicated times, is looking at enabling user interactions, both in the onboarding phase as well as the account access phase, through online means. And for all those use cases, you need some user identity verification solution.
There are a lot of identity verification solutions out there, but none of these solutions is actually trying to look at the intentions of the user and that’s exactly what our behavior profiling can provide.
We can verify that the intentions of the user, based on subtle differences in their behavior when trying to interact with any online application, are of a fraudster or are just normal behavior, interactions of the legitimate users. And that is a very important insight that we try to deliver to those businesses. And healthcare is one of those that are lagging, but that is one of those that have the most sensitive information. So, some kind of account access verification through behavior profiling is definitely recommended.
Peter O’Neill: Totally agree. And what can we expect to see from your company in the remainder of this year?
Michal Tresner: Currently when it comes to technology, we are building new capabilities that would allow us to spot new types of fraud attacks or scams that are leveraging remote access tools, such as TeamViewer or LogMeIn, to provide access to a computer of a victim from a fraudster perspective.
So, the fraudsters are leveraging these tools to access the victim’s computer, and then, on his behalf, they are performing some payment operations within their authenticated online account in a bank. So, we have developed an algorithm to detect such activity in real-time and we are now delivering that technology to our first customers. Some other things that we have on our radar for ’21 would include increased capabilities in the account opening fraud prevention, through behavioral biometrics. So that’s something we believe is very much needed these days across industries and we are delivering the first POC now.
Peter O’Neill: Well, Michal, I applaud you for the work that ThreatMark has been doing over the past several years. Thank you very much for carving out some time to talk with us today.
Michal Tresner: We thank you, and I thank you for having me here. I am looking forward to some more discussions in the future.