Fraudsters use mobile malware to harvest information or to take administrative control of a device and intercept information such as login credentials or one-time passcodes.
Problem overview
Mobile malware comes in many forms and is distributed in several ways. Clever social engineering schemes are created to get users to download malware onto their devices, most often through a phishing email, SMS text message, or phony app. While Apple iOS is a target, mobile malware predominantly impacts Android devices. Once a device is infected, the malware is capable of hijacking the operating system and taking over the user’s device.
Detecting malware on mobile devices has relied heavily on traditional anti-virus (AV) scanning technologies, which look for the name of the suspicious package and regularly monitor apps and their hashes for the malware. However, as has been witnessed in the online channel for years, AV detection comes with limitations, as malware is designed to change its files frequently in order to evade detection.
Behavioral biometric intelligence looks at swipe events, touch areas, device movement, navigation patterns, and other behavioral cues to detect the presence of malware. When compared to historical genuine sessions, behavioral data provides strong indicators to detect a significant number of mobile malware cases.
How banks use behavior to detect mobile malware
99%: detection rate of BioCatch solution for malware attacks
500k: in fraud losses saved over a five-month period
4500: fraud sessions with malware stopped
The many faces of mobile malware
Nearly three out of four fraud events target users in the mobile channel. Using behavioral data is an innovative way to uncover malware by looking at the way a session is conducted to infer whether it is a human behind the activity or if there are indicators of manipulation. Download the white paper to get an inside look at how behavioral data is being leveraged to detect popular financial malware variants and how global banks are using it to successfully prevent account takeover.