In my previous blog post, I discussed the differences between a static and dynamic approach to leveraging biometrics for fraud detection. The second part of this blog series will focus on behavioral biometrics, a form of dynamic biometrics that many financial institutions have adopted in recent years to drive continuous protection and banish friction in digital channels.
Behavioral Biometrics: Then and Now
While behavioral biometrics is a breakthrough technology that’s gained traction over the last decade, the measurement of patterns relating to human activity is nothing new. In the 1860s, as telegraph operators got better at using the new machine, they became recognizable by the way they sent dash and dot signals. In fact, allied forces in World War II would verify the authenticity of messages they received by how they were sent. In the 1960s, with the advent of computers, the first model of human acoustic speech production was created, followed by the development of the first signature recognition system. By 1970, the behavioral components of speech were modeled, and by 1976, the first prototype for speech recognition was created. In 1977, a patent was awarded to Veripen for the capture of dynamic pressure related to an individual’s signature characteristics.
Today’s behavioral biometrics go beyond signature, voice, and speech to look at multiple data and end point interactions like hand-eye coordination, pressure, hand tremors, navigation, and other finger movements. They can assess how well people know the information they’re entering and how familiar they are with the application they’re using by how they interact with it.
Dynamic Detection with Behavioral Biometrics
Behavioral biometric technology offers continuous protection post login, maintaining the integrity of online and mobile sessions without any friction or disruption to the end user. By monitoring real-time interactions between users and their apps and devices, it is possible to get actionable intelligence to fight cybercriminals.
Providing continuous protection is not only about reducing fraud losses but building trust in digital interactions. BioCatch provides truly continuous protection by collecting and analyzing data throughout the session, so even the most subtle changes within the session do not go undetected. The BioCatch Risk Engine is powered by machine learning algorithms that analyze physical and cognitive digital behavior of users across web and mobile channels. The model takes into consideration real-time physical interactions such as keystrokes, mouse movements, swipes, and taps. This data is used to profile and analyze a user’s digital behavior on three levels. The graph below depicts this in more detail.
Once established, the system can detect anomalies and suspicious behavior at an extremely high-level of accuracy and low rate of false positives, improving the customer journey. In the event of anomalous behavior, real-time alerts and analyses are provided to support fraud analysts in detection. This capability provides ongoing security throughout the session and guides the decision to escalate only when the anomaly rate is very high.
Mapping and monitoring these behavioral patterns throughout the users’ time within the application, behavioral biometrics can indicate fraudulent behavior that occurs after the login, that is, after the two-factor authentication has been validated. This method also reduces the risk of false alarms, as opposed to traditional device ID or IP address validation and identifies threats immediately. This means stopping fraud in real-time, protecting consumers against the range of cyber threats and enhancing the customer experience.
The Future of Behavioral Biometrics: What’s Next?
Sophisticated cybercrime will not slow down, and neither will the race to provide users with advanced digital experiences. With this trend, innovative behavioral biometric capabilities will be in high-demand and will continue to rapidly advance. These are the trends we can expect to see in the not so distant future:
- New Use Cases. Unlike traditional biometrics, behavioral biometrics was born in the banking consumer arena, mostly focusing on fraud prevention. It is uniquely able to detect social engineering attacks that bypass traditional controls. The technology is also significantly enhancing detection of new account opening fraud and being used to build trust in digital channels.
- New Markets. The use of behavioral biometrics is expanding to new markets like e-commerce, credit card issuers, credit bureaus, insurance, and others.
- Behavioral Profiling in Multimodal Biometrics. Multimodal biometrics refers to the combination of two or more biometric modalities in an authentication system. For instance, a system that combines fingerprint scanners and voice recognition. In the coming years, we can expect to see behavioral profiling combined with other biometric modalities to create more robust security systems.
Want to learn more about how behavioral biometrics can enhance the digital experience? In this case study, find out how behavioral biometrics drastically curbed the financial impact of fraud threats targeting a top bank’s payment process and reduced friction up to 95% across the customer journey.