Fintech Spotlight: BioCatch and Pattern Recognition to Fight Banking Fraud

RATS in the browser are a growing problem for banks in the game of cyber 'cat and mouse' that they
Photo: Uri Rivner, VP pf Business Development and Cyber Strategy, BioCatch at DLD Israel

Earlier in the month, Tel Aviv hosted the annual DLD Technology Innovation Festival. The event happened to coincide with a huge sand/dust storm in Israel. As one could imagine, this caused a bit of a damper to the outdoor portions of the festival, but led to packed rooms for any indoor meetings and presentations. Despite the strange weather, the DLD Festival was and is a great place to get the pulse of both the local and global direction of technology.

(Not directly related to the financial industry, but of note nonetheless, was an increase of mobile games related startups and presenters. The evolution of this sector appears to be coming at the expense of the massive ad-tech industry in Israel, which is suffering from a trend of the available tech workforce moving towards games.)

Focusing on overall technological innovation, Fintech tends to take a back seat to other more prevalent sectors during the festival. Nonetheless, there were still a few Fintech attractions among the meetups and presenters.

One of the more interesting presentations was from BioCatch’s Uri Rivner. The firm’s VP pf Business Development and Cyber Strategy, Rivner’s presentation was part of the larger Microsoft Innovation Fest.

RATS in the Browser

A cyberfraud prevention company, BioCatch provides banks and other financial firms with solutions to prevent their end-customer’s accounts from being breached. According to Rivner, one of the fastest growing threats affecting banks are RATS (remote access Trojans) in the browser (RITB) malware.

If a new Trojan is released in the fraud underground without a remote access capability, no one wants to buy it

Similar to remote help desk software, once downloaded RITBs have the ability to take over a customer’s browser and operate remotely. As a result, this malware can be used by fraudsters to serve up web pages that resemble a user’s bank account login and collect their user IDs and passwords. Once collecting this information, thieves can enter an unsuspecting customer’s account and direct payments and wire transfers to themselves.

Due to advantages these viruses provide fraudsters, Rivner explained that RATS have become “must have” malware features. He added that “if a new Trojan is released in the fraud underground without a remote access capability, no one wants to buy it”.

Fighting banking fraud with pattern recognition

Unlike database theft where fraudsters will hack into a company’s servers and steal user information, with RITB’s they are collecting the data directly from customers. As a result, the financial institution doesn’t know that a breach has been made, and so their suspicions are not aroused when the fraudster enters a bank customer’s online account.

Knowing that this type of fraud can take place, among the most common solutions are IP checks that can detect if a customer is making a suspicious entrance into their account. By analyzing where a customer is logging in from, compared to their previous web account entrances, a bank can be flagged and prompt additional security questions that need to be answered before full account access is granted.

While this solution provides an answer to some forms of fraud, it can be overcome by thieves who are entering a bank account directly from that customer’s computer. This is specifically a problem with RITBs. Rivner explained to Finance Magnates that “with RITB, the fraudster opens a browser from within the legitimate user device, and conducts an end-to-end session including a fraudulent money transfer”. As such, Rivner added that “traditional malware detection tools won’t find anything unusual, and defense layers based on analyzing device and location will show a valid session.”

To provide greater security, cyber security firms have begun to utilize pattern recognition to identify bank customers. Among the small but growing list of firms offering this type of technology, BioCatch provides a cloud based data collection and analysis that integrates on a bank’s online account website or in their mobile app.

Analyzing mouse movements to reveal whether the user is right or left handed

Once integrated, BioCatch is available to track how bank customers use login and use their accounts. Examples include tracking how quickly they enter their user and password, whether they use tab or their mouse to move between the user and password forms, analyzing mouse movements to reveal whether the user is right or left handed, and patterns related to where a customer clicks to after first entering their account. For mobile devices, BioCatch also can track items such as how they scroll up and down and if there is any slant in their scrolling movements.

Upon collecting this data, it is sent to the BioCatch cloud where it is analyzed and bank customers are identified by their patterns. Once creating a unique identity, BioCatch is able to use this information to cross-check subsequent logins to verify if it matches. In cases where there is a potential breach, the bank is alerted and additional security measures such as security questions or a phone call are made to the account holder.

According to Rivner, among the benefits or pattern detection is that there is a minimal period needed to create a profile for customers. Rivner explained that due to the differences between real and remotely controlled login sessions, the profiling to verify bank customers can be completed through their first account login.

While BioCatch provides an SDK for mobile apps, Rivner mentioned that as of today, banks have not reported breaches on the same scale with mobile devices. Giving a reason for this, Rivner said “you can do far less in mobile banking”, such as “setting up wires to new beneficiaries”. As a result, Rivner explained that fraudsters have less incentive to attack bank apps compared to through using RATS on browsers.

Looking ahead, Rivner stated that banks are continuing to look at new ways to add more features through mobile to their users. As this takes place, it will create more demand for what Rivner called “frictionless ways to boost security without adding any changes to the current sleek user experience”. Overall, as banks create ways for their customers to access their accounts, fraudsters will seek innovative breaches, and the cat and ‘rats’ game will continue.

Fintech Spotlight is a new column on Finance Magnates devoted to reviewing innovative financial technology companies and sector trends.

Catch the future of fintech or present your startup at this year’s Fintech Spotlight at the Finance Magnates London Summit

Got a news tip? Let Us Know