Behavioral Biometrics: At the Intersection of Fraud Detection and Digital Experience

Nov. 9, 2017 | by BioCatch

Digital transformation has swept the business world. From banking to insurance to e-commerce, being able to offer a compelling digital experience is the best way to attract and engage customers. Though digital transformation is a boon to both companies and their customers, it also introduces huge cybersecurity challenges for securing online sessions and preventing fraud.

Here’s the dilemma: user experience is key, but so is effective cybersecurity. The central question facing companies today is how to deliver smooth digital experiences that keep users coming back while also keeping them secure.

The Demand for Digital and Omnichannel Experiences

Consumers in the United States now spend more than five hours a day on their mobile devices. The average adult has 4.3 connected devices they use to get online, and 90% of consumers jump from one screen to another throughout the day. The connected world is constantly at people’s fingertips, and companies are working hard to reach consumers where they are by digitizing more services. 27% of executives rate digital transformation as a “matter of survival” for their company.

Today’s consumers expect to be able to interact with a company how and when they want to. They engage across multiple channels and devices and are looking for compelling and fully functional integrated experiences. With so many options for engagement available, it’s crucial to have an overarching strategy that envelops all communication channels, whether mobile, in-person or over the phone. This is the goal of the much talked about omnichannel engagement strategy.

Omnichannel strategies are built for today’s landscape, when brand interactions are even more important for keeping customers engaged and happy. Consumers use an average of almost six touch points when making a purchase, whether that be an interaction in-store, on an app, on the phone or on their desktop computer. Fifteen years ago the average consumer typically used two. By adding more digital functionalities, companies are able to provide better omnichannel experiences to consumers.

Digital capabilities allow companies to learn more about their customers than ever before. Brands can collect data on how customers interact on different channels and develop messaging tailored to each to enhance the customer’s experience. Brands can also create seamless experiences that keep up with customers who regularly hop from one channel to the next. In the retail world, a brand may accomplish this by making sure that an item added to the cart on a mobile device also appears in the cart on a desktop computer. Brands can note what products customers are browsing, or if they’ve left an item in their cart without purchasing, and send a follow up email or targeted ad to remind the consumer of their interest.

Data gathered from digital capabilities also helps companies listen and respond to their customers across all channels. Whether it’s the customer service, product or marketing team, understanding who customers are and what they need inherently leads to better service. Integrated digital functionalities make it easier for a customer service team, for example, to understand what questions or problems a customer has by creating greater visibility into the customer experience. In addition, consumers can use multiple channels to solve their concerns, whether a phone call, a chat application, an email or a company’s FAQ web page.

Why Digital Transformation for Businesses Means More Fraud

Digital transformation offers companies a significant opportunity to modernize, create new business models, acquire customers on new channels and create competitive and compelling digital experiences. Research shows that companies with omnichannel customer engagement strategies retain on average 89% of their customers compared to customer retention rate of 33% for companies with weak omnichannel customer engagement. By moving services online, businesses are able to enhance omnichannel experience and drive growth.

But digital transformation also comes with inherent risk and new opportunities for fraud. As businesses move services and products online, instances of new account fraud, social engineering, malware and Remote Access Tool (RAT) attacks increase.

Screen Shot 2017-11-09 at 3.15.05 PM.png

Standing between a company’s successful digital transformation and resultant growth are today’s fraudsters. These cyber criminals find the weaknesses in a company’s fraud detection and readily exploit them. In the insurance industry alone, for example, the annual cost of insurance fraud is approximately $40 billion.

Digital Experiences Are Key, But How Do You Secure Them?

In a digital-first world, users expect their digital experiences to be quick, easy to navigate, and secure. As a result, businesses are looking for a way to balance the convenience and ease of the experiences they offer with cybersecurity solutions that can detect new account fraud, social engineering malware and more.

Because, let’s be honest — passwords are a pain to remember and two-factor authentication slows users down. And most importantly, neither is effective at keeping users secure online. Sophisticated cyber attacks and large scale data breaches have made passwords and two-factor authentication obsolete. It may be surprising, but 100% of fraud occurs in authenticated sessions, meaning fraud is occurring undetected after login. Cybercriminals use personal information obtained from the dark web to login to an account, social engineering to trick a user into entering confidential credentials or remote access attacks to commit fraud.

Behavioral biometrics is emerging as the solution to providing secure, customer-focused digital experiences.

The Rise of Mobile and Securing Digital Experiences

When it comes to digital experience, we all know that mobile has taken over, eclipsing desktop as the preferred way to get online. 69% of digital media time is spent on mobile, and mobile-only internet users have grown 28% in the last two years, with 41 million in the United States in 2017.

Fraudsters know this too, and are becoming more adept at infiltrating mobile devices to commit fraud. Though mobile apps use passwords or two-factor authentication by phone call or text push notification to validate users, hacking still occurs at an alarming rate. Currently, the average fraudulent transaction is priced at around $130 for mobile transactions and $115 for tablets. This is troubling news for companies that need to reach consumers on mobile devices.
Recently, Samsung SDS Nexsign and BioCatch teamed up to show how behavioral biometrics can secure mobile payment apps, deliver a top-notch user experience and foil fraudsters — no login required. For example, a user can enter a payment app and set up a money transfer by tapping and swiping to choose a recipient, transfer amount or write a memo. It’s a simple interaction that does not require pins or passwords. If the user behavior checks out against the user’s profile, the transaction will go through. If the system detects any suspicious actions that diverge from the user’s norm, the session is flagged for possible fraud. This is possible because BioCatch’s fraud detection solution runs in the background to provide continuous, risk-based authentication to ensure that mobile transactions are conducted by legitimate users.

With more people using mobile payment apps, particularly younger users, companies that provide seamless user experiences, such as Venmo, are winning out over those that don’t. Behavioral biometrics is one way to provide that simplicity of use while also staying secure.

Fraud Detection Without Disrupting User Experience

What sets behavioral biometrics apart is that it provides stronger fraud detection alongside seamless digital experiences. Behavioral biometrics relies on user behavior to detect fraud, instead of static identifiers. As a result, the technology can work continuously in the background to authenticate users, eliminating any friction cause by two-factor authentication and passwords.

Behavioral biometrics technology helps companies navigate digital transformation through two main functions: identity proofing and continuous authentication.

Identity proofing

Where traditional fraud prevention measures fall short, behavioral biometrics is redefining fraud detection by analyzing how personal information is entered into an online application, not what is being entered. With so much personally identifying information (PII) available on the dark web due to data breaches, committing fraud is easy for cybercriminals. What they can’t mimic is the normal behavior of a legitimate user. Identity proofing differentiates between fraudsters and real users by building out profiles based on how both interact with online applications. Without a customer realizing, behavioral biometrics works in the background to learn how they normally interact with a device, from click patterns to the speed at which they move the mouse. As a result, behavioral biometrics keeps users secure with no additional authentication steps.

Continuous authentication

Continuous authentication is a new technology that uses a person’s behavior to continuously verify their identity throughout a session — not just at login. Because the user session is constantly monitored, behavioral biometrics can detect human and non-human behavioral anomalies, prevent account takeover and detect other cyberthreats. Once again, this all takes place in the background, meaning that the user doesn’t need to take extra steps, like two-factor authentication, to stay secure.

Companies know that user experience comes first. But those same customers also need to feel secure online. Behavioral biometrics is able to meet both of these concerns, allowing companies to build our their digital offerings while eliminating the need for passwords and more to reach and please consumers.

 For more about how behavioral biometrics is helping provide frictionless digital experiences, read this case study on how a UK bank is using BioCatch technology to authenticate more than 1.5 million users.

Topics: Authentication, Behavioral Biometrics