Back to Blog

Finovate Debuts: BioCatch

Finovate Debuts: BioCatch

The Finovate Debuts series introduces new Finovate. alums. Today’s feature is BioCatch, which demonstrated its invisible authentication methods at FinovateFall 2014.

By tracking the way users interact with web and mobile banking platforms, BioCatch uses invisible tests to authenticate users and prevent fraud.

The cloud-based solution gets ahead of malicious behavior by intervening before fraudsters enter the system.

Stats

    • Recently moved headquarters to Tel Aviv from Lod, Israel
    • Founded April 2011, launched BioCatch in 2013
    • $10 million raised
    • 25 employees
BioCatchuserDiagram

The experience

BioCatch helps banks and ecommerce enterprises catch fraudsters while authenticating the actual users. It uses 400 different parameters, such as how fast the user types and their usage preferences.

BioCatch starts by building a profile of each user to capture their typical behavior during an online banking session. Once complete, BioCatch is able to flag uncharacteristic usage patterns as fraud.

>> Catching the fraudsters

To determine fraudulent activity, BioCatch considers factors such as:

    • Does the user move between fields using a mouse or using the Tab key?
    • Do they click the submit button or use the Enter key?
    • When entering an amount, do they use the keypad or the number pad?
For each online banking session, the bank views a dashboard that shows geographical location, an analysis of each user’s session, the session flow, the behavioral patterns of the account, an analysis of the threat, as well as device and network risk scores. 
BioCatchAnalystStation1
The authentication analysis scores how the user performs compared to their regular behavior. The information is presented in a dashboard, similar to the one below, which indicates unusual login rythmics and mouse dynamics.
BioCatchAnalystStation
>> Proving the good user

Aside from just detecting and stopping fraud, BioCatch can reduce false positives, as well.

For example, if a New York-based customer is accessing their account while on a trip to Des Moines, the different geographical location may raise some red flags. The out-of-character activity may cause the bank to identify the actual user as a criminal.

The consequence (getting locked out of their account or having to call the bank to authenticate themselves) creates friction in the user experience and can harm the relationship.

What’s new?
BioCatch recently launched The Art of Fraud Catalogue showcasing patterns generated by malware. After analyzing user behavior, BioCatch realized that usage patterns created great art. 

The piece below was captured from fraud discovered in North America. It is titled, The Matrix Fraud.

BioCatchMatrixFraud

The idea is that fraud patterns are all unique, just like art itself.

Bottom line
BioCatch provides a low-friction way to catch fraud. When users don’t have to jump through hoops and are not wrongfully pegged as fraudsters, they have a faster and more pleasant experience.

Check out BioCatch’s demo its authentication methodology at FinovateFall 2014.