In recent years, the global financial sector has experienced a significant surge in new types of fraud and cybercrime. Breaking it down to geographic regions, we see that these dynamics are influenced by a wide array of factors such as the political setting, financial practices, IT structures and the regulatory environment.
Cybersecurity in Latin America is particularly unique in this regard, experiencing high rates of ATM fraud, phishing, malware and other cyber attacks specifically aimed at the region. Furthermore, the vast majority of these attacks originate in the region as opposed to being launched from other parts of the world.
In this Q&A, Zohar Elnekave, Senior Director of Sales, LATAM shares his thoughts on recent trends in the Latin American financial sector and what makes BioCatch stand out in the realm of behavioral biometrics.
Q: Tell us a little about your professional background and your role at BioCatch?
I have been active in the Latin America market for over 16 years, the last 12 of them as a cybersecurity and fraud specialist. I started as a project manager, then entered the world of sales engineering. In my current role at BioCatch, I am the Senior Director of Sales for LATAM.
I also have a strong passion for public speaking and few years ago I began helping start-ups with their pitch, providing guidance to executives on how to get their message across and preparing TEDx speakers in various occasions. Originally from Israel, I moved with my family to Medellin, Colombia six years ago.
Q: What makes the financial sector in LATAM different?
The LATAM financial sector is fascinating as it is very dynamic. It combines different maturity levels both on the attack surface and volume, depending on the country and the defense posture of the banks. So, while we see some “traditional” fraud coming from other regions, we have some very specific MOs not seen elsewhere. We also continue to see substantial changes in the market generally, as digital transformation advances at a rapid pace.
Q: From your perspective, what are the main cybersecurity challenges your clients in LATAM are facing?
The main challenges that I see are: First, there are a colossal number of fraud alerts coming from traditional solutions, that either cannot be processed or are mostly actually genuine, so fraud departments end up wasting a lot of resources on that. Second, new fraud patterns that cannot be identified with current tools, such as RATs (Remote Access Tools), new type of malware and bots. Third, in many cases, fraudsters are able to bypass two-factor authentication such as SMS (by doing SIM swap – a fraud they do with the cellular carrier). When this happens, it makes the existing tools very vulnerable.
Q: Can you tell us about an interesting fraud case from one of your clients and how was BioCatch able to help?
We have seen a new modus operandi by fraudsters, which is unique to a specific Latin American country. For example, one bank’s current fraud prevention mechanism is based on the size of money transfers, and so fraudsters started to attack by performing many small value payments, which made it almost impossible for the bank to stop. Once BioCatch entered, we were able to identify this type of fraud by looking at the behavioral level, stopping this fraud with hardly false alerts.
Q: Can you tell us about BioCatch's fraud prevention and continuous authentication capabilities in mobile applications? How can these capabilities help customers in LATAM?
We are currently seeing a rise in mobile fraud in both apps and the mobile web browser. This can occur from RATs-in-the-mobile (Remote Access Tools) or to overlay attacks, where the device is infected with malware that will generate an identical, but fake screen on top of the actual banking app, making the user unaware that he or she is being scammed.
By using BioCatch’s continuous authentication and fraud prevention, we can detect sessions when a different person uses the phone, by looking at the way he or she interacts with the device and the application. In a recent incident with one of the leading banks in LATAM, we were able to identify fraudulent activities being perpetrated by the same fraudster, attacking different customers via different devices.
Q: What makes BioCatch's solution superior in today's marketplace?
Being a veteran in cybersecurity and specifically in the fraud space for more than 12 years, the answer is our incredible precision and results. This obviously comes from the fact that we are looking at the identity parameter which is human behavior itself. What makes BioCatch amazing, and what really got me “hooked” from day one, is that this technology fills a gap that cannot be matched by other technologies. When you focus on human behavior, it doesn’t really matter what IP or device is in use or how much money is transferred. The interesting thing is whether this is the genuine person or not. And we can answer this far better than anyone else.
Q: Where do you think behavioral biometrics is going in the next five years?
Behavioral biometrics is definitely going towards the realm of authentication with much more focus on mobile. As all fraud happening in authenticated sessions, passwords make less and less sense in our digital world, put aside the fact that they are cumbersome. The high precision of the behavioral biometrics technology should and will replace passwords.
Specifically, in LATAM, where around half the population is not yet online, behavioral biometrics will play a key role. The frictionless experience for end-users, the reduced costs for applying the technology (vs current authentication mechanisms) along with the fact that digital connectivity is transforming the entire region of LATAM, is making behavioral biometrics even more attractive, and I expect it will grow over the next five years in the financial sector and spread to other verticals, such as automotive, IoT industries, health, government.