2. Agenda
• Introduction
• What is BioCatch?
• Product Details
• Summary
2 Confidential , not for distribution
3. Who are we?
Israeli-based company (RSA, Trusteer, Israeli defense forces veterans)
Gartner Cool Vendor 2013
Installed in US/Canada banks
Our technology: Cognitive Behavioral Analytics
• Authenticates the user in online/mobile banking
• Catches MITB, Remote Access Trojans (RATs) in the act
Offering quick-ROI deployment
4. What’s special about BioCatch?
Gartner Cool Vendor of 2013
Analysis by Avivah Litan
“Why Cool: BioCatch provides invisible, continuous biometric authentication of a user on a PC or mobile application by using a novel technology that goes beyond the current approaches of monitoring keystroke dynamics, mouse movements, speed patterns and other physical actions”.
5. What business do we solve?
Friction
OTP 123456
We’re able to strongly authenticate without a friction cost
SMS one-time codes
Smart card readers
Tokens
6. What business do we solve?
Fraud operations cost
MITB (Man in the Browser)
We’re able to accurately catch MITB, RAT live attacks in the act
7. The Science Behind BioCatch
Neural Motor Control
Or: how does our brain control movement?
It involves:
Information Processing
Coordination
Mechanics
Physics
Cognition
[Figure: plot with axes βx and βy]
8. Our Innovative Twist
Invisible Challenges
Or: how can we accelerate learning and detection?
9. Use case and demo
Mobile 2FA (various designs)
PC/Mobile Invisible
10. Triggering a Response | Pro-Active Example
Say you’re using a mobile app, and drag an item to the right.
Now say we introduce a subtle challenge…
A 5° rotation to your move.
This is what would happen if you don’t offset the rotation: you’ll end up a bit off target…
But your brain won’t let this happen. You will spontaneously start correcting as soon as your mind picks up the off-target move, because your brain will work on completing the task.
You won’t sense any change to the user experience, as it’s a low-volume effect (our research team tests it scientifically).
And here’s the beauty of the BioCatch approach:
Different people respond differently.
Left: sharp, single correction (red)
Right: complex, multiple corrections (blue)
Colin | Fraud Director Shanee | QA Manager
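The rotation challenge on this slide, worked through as an added JavaScript sketch (not BioCatch SDK code and not part of the original deck): it rotates a drag by 5°, then summarises how the user's path reacted. The function names, the 0.5 px noise threshold, the use of lateral-error reversals as a stand-in for "corrections", and the three sample drags are all assumptions constructed for illustration.

```javascript
// Added illustration of the rotation challenge; not BioCatch SDK code.
// Function names, the noise threshold and the sample paths are assumptions.
const CHALLENGE_DEG = 5; // rotation quoted on the slide

// Rotate point p about origin o by deg degrees.
function rotateAbout(p, o, deg) {
  const r = (deg * Math.PI) / 180, dx = p[0] - o[0], dy = p[1] - o[1];
  return [o[0] + dx * Math.cos(r) - dy * Math.sin(r),
          o[1] + dx * Math.sin(r) + dy * Math.cos(r)];
}

// What the user sees: the raw input path rotated about the drag start.
function displayedPath(input, deg = CHALLENGE_DEG) {
  return input.map((p) => rotateAbout(p, input[0], deg));
}

// Signed distance of p from the straight line start -> target.
function lateralError(p, start, target) {
  const tx = target[0] - start[0], ty = target[1] - start[1];
  return (tx * (p[1] - start[1]) - ty * (p[0] - start[0])) / Math.hypot(tx, ty);
}

// Features of the reaction: direction reversals of the lateral error
// (a proxy for "corrections"), peak error, and final miss distance.
function responseFeatures(input, target, noisePx = 0.5) {
  const shown = displayedPath(input);
  const err = shown.map((p) => lateralError(p, input[0], target));
  let reversals = 0, lastSign = 0;
  for (let i = 1; i < err.length; i++) {
    const d = err[i] - err[i - 1];
    if (Math.abs(d) < noisePx) continue; // ignore sub-pixel jitter
    if (lastSign !== 0 && Math.sign(d) !== lastSign) reversals++;
    lastSign = Math.sign(d);
  }
  const end = shown[shown.length - 1];
  return { reversals, peakError: Math.max(...err.map(Math.abs)),
           endMiss: Math.hypot(end[0] - target[0], end[1] - target[1]) };
}

// Constructed raw-input drags from (0,0) toward a target at (200,0).
const TARGET = [200, 0];
const noCorrection = [[0, 0], [100, 0], [200, 0]];
const sharpUser = [[0, 0], [50, 0], [100, 0], [150, -10], [199, -17]];
const complexUser = [[0, 0], [40, 0], [80, -12], [120, -6], [160, -18], [199, -17]];

for (const [name, path] of Object.entries({ noCorrection, sharpUser, complexUser })) {
  console.log(name, responseFeatures(path, TARGET));
}
```

An input that never compensates ends about 17 px off a 200 px drag and shows no reversals, which is the shape a scripted or replayed gesture would produce under this model.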
11. The tall guy
How do you hold the device? What happens when you tap it?
Meet Alon, our 6’7” tall iOS developer.
When he thumps the device, it’s very visible (blue spike)
Red/Green: x-y movement of device
Blue: vertical movement (up/down)
12. Acceleration Patterns | Passive Example
When moving mouse to the right, how fast do you “close loops”?
• Very high in all moves
• Very slow in short moves
• Moderate in long moves
13. Selection wheel
One small element… And we can learn so much
Passive traits:
• Rotation speed
• Cognitive choice: what do you spin first?
• # of corrections at the end of spin
• Final selection strategy (tap vs. spin)
Pro-active, subtle challenges:
• Slight increase / decrease of rotation speed
• Slight change of speed during correction spins
• Various small effects during final selection
14. Benefits over traditional behavioral analytics
Property                  | BioCatch        | Passive Behavioural
Behavioural Parameters    | +               | +
Cognitive Parameters      | +               | -
Device Dependency         | Low             | High
Time for building profile | Short           | Long
Excel at                  | Free Form Usage | Repeat Tasks (e.g. password, PIN typing)
Remote Access Detection   | +               | -
No Replay Attacks         | +               | -
15. CyberCatch deployment
Top 10 Canadian Bank
• Objective: reduce friction of High Risk
• .2,000,000 Users of online banking since Sep 15th
• 30% access from tablets
• Up and running in 5 days (2 days JS integration + 3 days QA)
• 3-month learning, 3-month operation
Top 50 US bank
• .500,000 Users of online banking
• Finished testing
16. Our Project Heatmap
Consumer Commercial
Online
Mobile
Authentication
Threat Detection
Cognitive Behavioral Analysis
18. Product Overview
BioCatch for Web
• Biometric Frictionless Authentication
• RAT Detection
• MitB Detection
BioCatch for Mobile
• Biometric Frictionless Authentication (Touch)
• Multi-Factor Authentication
Cognitive Behavioral Analytics Platform
• BioCatch Management Application
• BioCatch Integration Tools
• BioCatch Rule/Alert Setting Tool (Roadmap)
• BioCatch Visualizer Tool (Roadmap)
19. Online fraud detection
Risk Alerts
Session Data
Management Application
Fraud Team
Bank’s Risk Engine
BANK
BioCatch Engine
User Behavior (>350 Params)
Frictionless Challenges
JavaScript SDK
Online Banking: Payee, Amount
Mobile Banking: Payee, Amount
21. Online Banking Fraud Detection
Detecting Man-in-the-Browser Attacks
Human-in-the-Middle
James 1st session
James 2nd session
Automated Transactions (MitB)
Time  | User   | Transaction
10:22 | FBorn  | None
10:22 | FGreen | Add Payee
10:26 | JamesL | Wire Transfer
10:31 | LinaP  | Wire Transfer
22. Product Overview
Detecting Remote Access Sessions
Fraudster's Computer | Genuine User’s Computer
RAT
23. Product Overview
VS other Fraud Detection Approaches
Cognitive Behavior: “Genuine?” “Human?” “Remote?”
Application Data: “New Payee?” “Suspicious Navigation?” “High Amount?”
Device Attributes: “Known Device?” “Infected Device?” “Device IP Geo Location?”
Fraud Detection Approaches
24. Product overview
Less high risk Less fraud
Risk Engine
Application data?
Device attributes?
High Risk Transactions
4%-8%
Cognitive Behavior?
>0.8%
25. BioCatch Product overview
Integration tools
Receive Alerts & Behavioral Data from BioCatch
• Alerts - Email, JavaScript
• Alert + Data - Flat Files, API (Web Service)
Send BioCatch Fraud Feedback/Whitelisting & Activity Data
• Fraud Feedback/Whitelisting - BioCatch Management Application, Flat Files
• Activity Data (for MitB detection) - API, Flat Files
26. Thank you!
To learn more: www.biocatch.com