BioCatch tracks memory use to catch cybercrooks

Tel Aviv startup is now marketing software to help banks, online stores distinguish good users from criminals

Shoshanna Solomon was The Times of Israel's Startups and Business reporter

BioCatch Scrolling Patterns (Courtesy)

Did you know that everyone has a distinctive way of moving a mouse, tapping a phone or typing on a keyboard? Moreover, when you identify yourself to your bank or an online store by inserting information about yourself, like your home address or date of birth, you are using long-term memory rather than short-term, and this can be seen from the way you interact with your computer or smartphone.

In fact, that’s what Israeli start-up BioCatch uses to distinguish the bad guys from the good guys.

The company’s latest product, which is already deployed in a set of tier-one banks and eCommerce customers, “differentiates between good users and criminal users, for situations where there is no historic data about these first-time visitors,” said Avi Turgeman, the founder of Tel Aviv-based BioCatch, a financial security tech firm.

The company has already been selling software that checks over 500 bio-behavioral, cognitive and physiological parameters to create unique user profiles — and an individual web presence — for visitors to banking and eCommerce sites.

BioCatch is able to continuously authenticate users at every stage of an online banking session by analyzing these parameters, including hand tremors, eye-hand coordination, and how a person moves a mouse, combined with behavioral traits such as usage preferences and device interaction patterns. This enables the creation of what BioCatch calls a Cognitive Signature, a sum total of all the factors that go into an interactive session.

https://www.youtube.com/watch?v=q90JYGxk5xw

BioCatch’s technology can record all this information, associating it with the user who is logged in and interacting with the site. In this way, banks or e-commerce sites can be alerted if, for example, the person performing the actions isn’t who they should be. The company has already been marketing its continuous authentication software and its malware and RAT detection products to banks and other customers globally.

At the end of 2015 there were more than 33 million banking customers globally using the company’s behavioral biometric software, the company said. Its customers include some of the largest banks and eCommerce sites in Europe, Latin America and North America.

BioCatch hand size measurement via device holding (Courtesy)

BioCatch’s latest software, called Criminal Behavior, comes at a good time. Cyber crime will cost businesses over $2 trillion by 2019, market analyst Juniper Research has forecast, almost four times the cost of breaches in 2015.

“Today, with so much personal, financial and sensitive data open to potential threats, BioCatch uses unique personal behavioral metrics to continuously ensure that the individuals accessing their accounts are in fact who they say they are, thereby preventing security breaches before they happen and saving companies losses of millions of dollars in fraudulent activities,” said Pini Lozowick, Chief Investment Officer at OurCrowd, an investor and member of the board of BioCatch, by email.

Criminal behavior

BioCatch’s Criminal Behavior software is based on behavior patterns that emerged from the data the company has collected from interactions of people with their computers and phones. The data shows that interactions differ when users use short-term vs long-term memory: most people remember their birthdays and addresses without needing to check them first, before they tap them into the computer. Their credit card information, however, is stored in their short-term memories. They generally need to check the number before they click it into their phones or computers while performing a transaction.

So behavior and interaction with a device are different when using short-term vs long-term memory, though Turgeman declined to say how exactly, so as not to give out too much information that would help criminal activity. And here is the clincher: the bad guys, the impostors, only have short-term memory of your details, and the BioCatch software can home in on those behaviors that should be long-term but are actually short-term, alerting the vendors or the banks that the person in question could be an impostor.

BioCatch Founder Avi Turgeman (Courtesy)

“Today when someone is requesting an online loan or opening a new digital bank account, there is no way to know if this first-time visitor is actually who they say they are. It could be a fraudster using a stolen identity,” Turgeman said. “But criminals, when impersonating a person they are not familiar with, behave very differently from an innocent user. One example is that they don’t hold the details of that person in their long term memory, and that has a dramatic influence on how their interactions look, and allows us to know if the user is a criminal or not.”

Other times, cyber criminals, who are generally well prepared before an attack, reveal that they actually know too much, and fill in the forms too quickly and perfectly.

BioCatch, which has raised a total of about $12 million from investors to date and employs 40 people in Tel Aviv, London, New York and Boston, is targeting banks and eCommerce sites for its latest product.

“The virtual world of the internet and mobile are still protected by security systems devised for the physical world,” Turgeman said. “Most of the cyber security solutions try to replicate security concepts from the physical world in the virtual world. But walls and gates in the virtual world are simply made of bits and bytes, and these can be manipulated.”

“Today, in the cyber space, fraudsters can enter into secured environments via the ‘virtual gates,’ almost hand in hand with the authorized users, or just right after them, without anyone noticing,” Turgeman said. “Therefore the only way to truly protect the users’ identity in the cyber space is through continuous authentication based on user activity, and this is what we do.”
