2. Agenda
Introduction
What is BioCatch?
Product Details
Summary
2 Confidential , not for distribution
3. Who are we?
Israeli-based company (RSA, Trusteer, Israeli defense forces veterans)
Gartner Cool Vendor 2013
Installed in US/Canada banks
Our technology: Cognitive Behavioral Analytics
Authenticates the user in online/mobile banking
Catches MITB, Remote Access Trojans (RATs) in the act
Offering quick-ROI Deployment
4. What’s special about BioCatch?
Gartner Cool Vendor of 2013
Analysis by Avivah Litan
“Why Cool: BioCatch provides invisible, continuous biometric authentication of a user on a PC or mobile application by using a novel technology that goes beyond the current approaches of monitoring keystroke dynamics, mouse movements, speed patterns and other physical actions”.
5. What business problem do we solve?
Friction
OTP, SMS one-time codes, smart card readers, tokens
We’re able to strongly authenticate without a friction cost
6. What business problem do we solve?
Fraud operations cost
MITB (Man in the Browser)
We’re able to accurately catch MITB and RAT live attacks in the act
7. The Science Behind BioCatch
Neural Motor Control
Or: how does our brain control movement?
It involves:
Information Processing
Coordination
Mechanics
Physics
Cognition
[Figure: plot with axes βx and βy]
8. Our Innovative Twist
Invisible Challenges
Or: how can we accelerate learning and detection?
9. Use case and demo
Mobile 2FA (various designs)
PC/Mobile Invisible
10. Triggering a Response | Pro-Active Example
Say you’re using a mobile app, and drag an item to the right.
Now say we introduce a subtle challenge… A 5° rotation to your move.
This is what would happen if you don’t offset the rotation: you’ll end up a bit off target…
But your brain won’t let this happen. You will spontaneously start correcting as soon as your mind picks up the off-target move, because your brain will work on completing the task.
You won’t sense any change to the user experience, as it’s a low-volume effect (our research team tests it scientifically).
And here’s the beauty of the BioCatch approach: different people respond differently.
Left: sharp, single correction (red)
Right: complex, multiple corrections (blue)
Panel labels: Colin | Fraud Director; Shanee | QA Manager
11. The tall guy
How do you hold the device? What happens when you tap it?
Meet Alon, our 6’7” tall iOS developer.
When he thumps the device, it’s very visible (blue spike).
Red/Green: x-y movement of device
Blue: vertical movement (up/down)
12. Acceleration Patterns | Passive Example
When moving mouse to the right, how fast do you ‘close loops’?
Panel labels: Very high in all moves; Very slow in short moves; Moderate in long moves
13. Selection wheel
One small element… And we can learn so much
Passive traits:
• Rotation speed
• Cognitive choice: what do you spin first?
• # of corrections at the end of spin
• Final selection strategy (tap vs. spin)
Pro-active, subtle challenges:
• Slight Increase / Decrease Rotation speed
• Slight change of speed during correction spins
• Various small effects during final selection
14. Benefits over traditional behavioral analytics
Property | BioCatch | Passive Behavioural
Behavioural Parameters | + | +
Cognitive Parameters | + | -
Device Dependency | Low | High
Time for building profile | Short | Long
Excel at | Free Form Usage | Repeat Tasks (e.g. password, PIN typing)
Remote Access Detection | + | -
No Replay Attacks | + | -
15. CyberCatch deployment
Top 10 Canadian Bank
• Objective: reduce friction of High Risk
• 2,000,000 Users of online banking since Sep 15th
• 30% access from tablets
• Up and running in 5 days (2 days JS Integration + 3 days QA)
• 3-month learning, 3-month operation
Top 50 US bank
• 500,000 Users of online banking
• Finished testing
16. Our Project Heatmap
[Heatmap labels: Consumer, Commercial; Online, Mobile; Authentication, Threat Detection; Cognitive Behavioral Analysis]
18. Product Overview
BioCatch for Web
• Biometric Frictionless Authentication
• RAT Detection
• MitB Detection
BioCatch for Mobile
• Biometric Frictionless Authentication (Touch)
• Multi-Factor Authentication
Cognitive Behavioral Analytics Platform
• BioCatch Management Application
• BioCatch Integration Tools
• BioCatch Rule/Alert Setting Tool (Roadmap)
• BioCatch Visualizer Tool (Roadmap)
19. Online fraud detection
[Diagram labels: Risk Alerts; Session Data; Management Application; Fraud Team; Bank’s Risk Engine; BANK; BioCatch Engine; User Behavior (>350 Params); Frictionless Challenges; JavaScript SDK; Online Banking (Payee, Amount); Mobile Banking (Payee, Amount)]
21. Online Banking Fraud Detection
Detecting Man-in-the-Browser Attacks
Human-in-the-Middle
James 1st session
James 2nd session
Automated Transactions (MitB)
Time | User | Transaction
10:22 | FBorn | None
10:22 | FGreen | Add Payee
10:26 | JamesL | Wire Transfer
10:31 | LinaP | Wire Transfer
22. Product Overview
Detecting Remote Access Sessions
[Diagram labels: Fraudster's Computer; RAT; Genuine User’s Computer]
23. Product Overview
VS other Fraud Detection Approaches
Fraud Detection Approaches:
• Cognitive Behavior: “Genuine?” “Human?” “Remote?”
• Application Data: “New Payee?” “Suspicious Navigation?” “High Amount?”
• Device Attributes: “Known Device?” “Infected Device?” “Device IP Geo Location?”
24. Product overview
Less high risk | Less fraud
Risk Engine
Application data? Device attributes?
High Risk Transactions: 4%-8%
Cognitive Behavior?
>0.8%
25. BioCatch Product overview
Integration tools
Receive Alerts & Behavioral Data from BioCatch
• Alerts - eMail, JavaScript
• Alert + Data - Flat Files, API (web Service)
Send BioCatch Fraud Feedback/Whitelisting & Activity Data
• Fraud Feedback/Whitelisting - BioCatch Management Application, Flat Files
• Activity Data (for MitB detection) - API, Flat Files
26. Thank you!
To learn more: www.biocatch.com