• Home

  • Documents

  • GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with...
11
1 WHITE PAPER | Invisible Challenges: BioCatch’s Game-Changing Technology for Online Fraud Prevention White Paper GLOBAL TRENDS IN ONLINE FRAUD (2016) Use Cases for Behavioral Biometrics in the Banking Industry March 2017

GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

  • Upload
    others

  • View
    2

  • Download
    0

Embed Size (px)

Citation preview

Page 1: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

1

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

WhitePaper

GLOBALTRENDSINONLINEFRAUD(2016)UseCasesforBehavioralBiometricsintheBankingIndustryMarch2017

Page 2: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

2

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

TableofContents

ExecutiveSummary..................................................................................................................3

IntroductiontoBehavioralBiometrics&InvisibleChallenges.................................................2

RotationofMovement.........................................................................................................5

SpinningWheel....................................................................................................................6

DisappearingMouse.............................................................................................................7

InvisibleChallenges,InvincibleChallenges...............................................................................8

ResultsandConclusion–LessFriction.LessFraud................................................................10

AboutBioCatch......................................................................................................................11

CopyrightThiscontentiscopyrightofBioCatchTM2017.Allrightsreserved.Anyredistributionorreproductionofpartorallofthecontentsinanyformisprohibitedotherthanthefollowing:

• youmayprintordownloadtoalocalharddiskextractsforyourpersonalandnon-commercialuseonly• youmaycopythecontenttoindividualthirdpartiesfortheirpersonaluse,butonlyifyouacknowledgethe

documentasthesourceofthematerialYoumaynot,exceptwithourexpresswrittenpermission,distributeorcommerciallyexploitthecontent.Normayyoutransmititorstoreitinanyotherwebsiteorotherformofelectronicretrievalsystem.

Page 3: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

3

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

ExecutiveSummary

BioCatchisacybersecuritycompanythatdeliversbehavioralbiometrics,analyzinghuman-deviceinteractions,toprotectusersanddata.BanksandotherenterprisesuseBioCatchtosignificantlyreduceonlinefraudandprotectagainstavarietyofcyberthreats,withoutcompromisingtheuserexperience.OneofthekeyaspectsthatdistinguishesBioCatchasthemarketleaderinbehavioralbiometricsisitspatentportfolio,whichasofthiswritingismadeupof46patents,17ofthemgrantedorpublic.Amongthem,isagroupthatpertaintoacapabilitycalled“InvisibleChallenges™”.InvisibleChallengesrefertoteststhatareinvokedintoanonlinesessionwithouttheuser’sknowledge,butthatelicitsubconsciousresponsesthatcanbeusedtodistinguishafraudsterfromalegitimateuser.Thispowerfulmechanismrepresentsthelatestgenerationoffraudpreventiontools,thataddressestheweaknessoftraditionalapproachesthatrelyonmalwarelibraries,two-factorauthentication,deviceIDandothermeansthatthesophisticatedfraudstersoftodayhavefiguredouthowtocircumvent.InvisibleChallengesalsoseparatesBioCatchfromotherbehavioralbiometricsprovidersthatarefocusedontraditionalkeyboard,mousemovementsandgestureanalysis,intermsofaccuracyandbeingabletodealwithdifferenttypesofreplayattacks,humaninteractionsimulationandadvancedmalwareinjections.

Page 4: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

4

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

IntroductiontoBehavioralBiometrics&InvisibleChallenges

TheBioCatchsystemauthenticatesusersbywhotheyare,ratherthanbywhattheyknow(e.g,passwords,securityquestions).Employingcutting-edgebehavioralbiometrictechnology,thesystemanalyzesmorethan500differentbehavioralpatternsduringasession(post-login)todeterminewhethertheuserisinfactthegenuineuserandnotahuman/non-humanimposter.Theseparametersinclude:

• Cognitivefactorssuchaseye-handcoordination,applicativebehaviorpatterns,usagepreferencesanddeviceinteractionpatterns.

• Physiologicalfactorssuchasleft/righthandedness,press-size,handtremors,armsizeandmuscleusage.

• Contextualfactorssuchastransaction,navigation,deviceandnetworkpatterns.Eachuserprofileisbasedonthe20parametersthataremostuniquetothem.Aftercomparingthesessiondatatothegenuineuser’sprofile,BioCatchprovidesariskscoreinreal-timethatcanbeusedasastandaloneindicatororincombinationwithotherthreatdetectionsystems.Oursolutionisdesignedtoreducefrictionassociatedwithauthentication,savecostsassociatedwithescalationstocost-centersbecauseoffailedauthenticationsandfalsealarmsandreduceoverallfraudbyrecognizingfraudsterbehaviorasopposedtofixedmeansofidentitywhichmaybelost,stolenorcircumvented.Attheheartofwhatmakesthispossiblewithveryhighaccuracy,aretheInvisibleChallenges.Thesearepatentedtechniquesthatintroducesubtletestsintotheonlinesessionthatuserssubconsciouslyrespondtowithoutsensinganychangeintheirexperience.Theresponsecontainsbehavioraldatathatisusedtodistinguisharealuserfromanimposter,whetherhumanornon-human(roboticactivity,malware,aggregator,etc.).ItisimportanttonotethatBioCatch’steamofresearcherstesteachchallengeanditscorrespondingdeviationtodeterminethethresholdatwhichusersnoticeachangeinexperienceonthemobileorwebsite.

Page 5: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

5

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

ThefollowingaresomeexamplesofInvisibleChallenges.NotethatthislistisprovidedsolelyforillustrativepurposesanddoesnotrepresentthefullrangeofInvisibleChallengesthatmaybeemployed.

RotationofMovement

Challenge:Introduceadeviationinthemousemovement.Theexamplebelow(leftimage)showsauserreactingtotheInvisibleChallengebymakingasmallcorrectiontoaright-sidedeviationthatwouldhavemadehimmisshistargetwithoutcompensating.Whengiventhischallengerepeatedly,thisusertypicallymakesonesmallcorrectionata60-80degree(redhook)madeduringthelast10%ofthemovement.Butotherpeopleresponddifferentlytothesamechallenge.Inthemiddleimage,aQAmanagerrespondswithmultiplecorrections(bluelines).Shebeginshercorrectionduringthelast20%ofthemovement.Bothusersreportedthattheydidnotsensethechallengeornoticeanythingdifferentintheuserexperience.Arobot(rightimage)wouldnotneedtocompensateatall,becausesuchmovementdoesnotinvolvehand-eyecoordination.

User1User2Robot

ThisexampledemonstratesaniPadtouchinterfacechallenge-responsebyleveragingadrag-and-dropeffect,withoutanychangetotheuserexperience.Additionalchallengescaninvolvescrolling,swiping,typingandpinching/zooming.

InvisibleChallengesFacts

• Proactiveandpassive• Injectedatspecificpoints

withinasession• Changeeachtimeina

randomizedway• Elicituniquebehavioral

andcognitiveparameters• Donotaltertheuser

experience

Page 6: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

6

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

SpinningWheel

Challenge:Introduceafluctuationinthewaytheselectionwheelspins.Acommonuserinteractionelementinmobileappsisthespinningselectionwheelfordates,time,numbers,etc.Thisisoftenusedwhenenteringinformationsuchasanewdestinationaccountformoneytransactions.BioCatchcollectspassivemeasuresrelatedtospinningthewheel(speed,stoppingstrategy,correctionstowardstheend),butalsointroducessubtlefluctuationsthathelpusseehowtheusersubconsciouslyreacts.

User1 User2

User1:Thechallengeisinjected,andthewheelspinsslowly(notkinetically).Theusercompensatesbyafewlongandcontinuous"pushes"tospinthewheel,andaddstwopowerfulstrokesintheotherdirectionforfine-tuningandfinaltargeting.User2:Thechallengeisinjected,andthewheelspinsslowly(notkinetically).Theusercompensatesbymanysmallandshort"pushes"tospinthewheel.Afterwards,theuseraddsseveralshort,concentratedandpowerfulstrokesinthesamedirectionforfinaltargeting.

Page 7: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

7

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

DisappearingMouse

Challenge:Hidethecursor.Userssearchforthecursor/mouseinverydifferentanduniqueways.Someusewidesearchpatterns,othersusesmallones,somearehorizontalwhileothersarediagonal,andcertainusersalwayssearchcounter-clockwise.Sometimesusersmoveonacertainlearningcurveandtheirresponsesvaryaccordingtotheirlocationonthecurve.Allthesecanbecapturedasuniqueparameters,however,typicallythisisnotpractical,becausethetimerequiredfortheusertoprovideenoughrelevantmousemovementstoaccuratelyauthenticatethemselvesistoolong.InvisibleChallengesunconsciously“forces”theusertomakevariousmousemovementsinaveryshorttime,allowingBioCatchtocaptureadequatedatafromtheuserin500milliseconds.Thismakesitusefulfordetectinganomaliesinuserbehaviorinnearreal-time.Theexamplebelowshows25users,eachwithaslightlydifferentsearchpatternfora

missingcursor.

Page 8: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

8

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

InvisibleChallenges,InvincibleChallenges

Asaclassoftechnologies,behavioralbiometricsoffersdistinctadvantagesoverotherauthenticationmodalities.Itispassive,seamless,worksinthebackgroundanddoesnotrequireactiveenrollment.Ontheotherhand,allthesecharacteristicsalsomakeshighaccuracyhardtoobtain.Intheworldofonlinetransactions,itiscriticaltokeepfalsepositivesanduserfrictiontoanabsoluteminimum,whileensuringveryaccuratefraudalerts.Invisiblechallengesmakethispossible.InvisibleChallengeshelpdeliverthepromiseofbehavioralbiometricsforcontinuousauthenticationandovercomemanyofthechallengesthattraditionalbehavioralandfraudpreventionapproachesdonotaddress:

• Accuracy:Invisiblechallengesgeneratemoredata,whichcannotbecapturedinotherways.ThedatacapturedviaInvisibleChallengesisintimateinthesensethatitdivulgescognitiveandphysiologicalparameters.Intheworldofmachinelearninganddeeplearning,theamountofdataandthequalityofdataiswhatdeterminesaccuracy.InvisibleChallengesnotonlyspeedupthedatacollectionprocess,buttheoveralldetectionandfalsepositiverates.

• RATanddevicespoofingdetection:InvisibleChallengescandetectanunnaturalresponseordelayindicatingaremoteconnectionorVirtualMachineattack;forexample,iftherearetworesponsestoasinglechallenge,thiscanbeindicativeofaRemoteAccessTrojanorManintheBrowserattack.WithBioCatch,thismethodofdetectioncanbedonewithoutanyactiveenrollmentorindexingofthemalicioustool,atanEqualErrorRate(EER)of0%.

• Roboticdetection:Traditionalbotdetectioninvolvesdevicefingerprinting,IP

addressverification,useranalytics,andendupbeingacatandmousegamethatrequireslearningthebehaviorofbotsandclassifyingthemasharmfulornot.InvisibleChallengescircumventsallthisbyrequiringtheusertocompensatesubconsciouslyviahand-eyecoordination.Giventhatbotsareautomatedtools,bynaturetheyignorethechallenges.

Page 9: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

9

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

• Malwaredetection:Traditionalbehavioralapproachestomalwaredetectionsimulateshumaninteractionandcomparesittothemalwareinteractionforagivenactivity.Thisisproblematicbecauseitrequiresthesystemto“know”themalwareandthelearningphasetakessometime.ByusingInvisibleChallengesinarandomizedway,themalwarewillnotknowhowandwhentorespond,anditisthereforenotnecessarytomaintainmalwarelibrarieswhichareinevitablyobsoletethemomenttheyareupdated.Thismethodhashadperfectsuccesstodate.

• Replayattacks:Traditionalbehavioralapproachesrecognizereplayattacksby

comparingthebehaviorinagivensessionagainstthebehaviorinapriorsession.Thisisnotidealbecausereplayattackscontainnatural“noise”whichinvariablymakesthemdifferentfromprevioussessionsbutstillsimilarenoughtobemarkedasvalid.InvisibleChallengesarerandomintiming,intensityandflavor,sonopastactivitycanbeusedtoproducealegitimateresponsetothechallenge,makingBioCatchimmunetoreplayattacks.Seefigurebelow.

• Risk-basedauthentication:Bydefinition,risk-basedauthenticationisamethodofapplyingvaryinglevelsofstringencytotheauthenticationprocessesbasedontheriskprofileofthepersonorthesensitivityoftheapplicationbeingaccessed.BecauseInvisibleChallengesarecompletelytransparenttotheuser,theycanbeintroducedatdifferentjunctures,andindifferentflavors,toincreasetheaccuracyofthedetectionrate.Thismakesiteasytoestablishdifferentbusinessruleswithinanapplication,sothathigherriskactivities,likeaddinganewpayee,changingthe

Page 10: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

10

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

phonenumberfortheaccount,makinglargetransfers,etc.canhavespecificchallengesassignedtotheminarandommanner,whilekeepingfrictionandfalsepositiveslow.

ResultsandConclusion–LessFriction.LessFraud.

Asstatedearlier,maintainingthebalanceofidentifyingrealfraudwhilemaintaininglowfalsealarmratesandlowuserfrictionisthecatch-22forbehavioralbiometricswhicharepassiveinnatureanddonotrequireanactiveenrollment.BioCatchInvisibleChallengesoptimizethisbalance.IntroducingasinglechallengeintoasessioncanlowertheEERofanyby3%;addingmorechallengesdrivesperformanceexponentially1.CriticaltothisisthetiminginwhichtheInvisibleChallengesareinjected.Usingadvanceddatascienceandmachinelearningmethods,thechallengesareintroducedasaformofrisk-basedauthenticationpriortocrucialonlinetaskssuchas:changingpayees,transferringlargesumsofmoney,updatingpersonaldetails,cardactivationanddeactivation.Moreover,challengesmayalsobeinjectedwhenthesystemrequiresmorebehavioraldatatocalculateamoredeterministicriskscore.Thisapproachensuresveryhighdetectionrateswithextremelylow-ratesoffalsepositivesbydefinition,anddifferentiatesBioCatchfromotherbehaviorialbiometricsapproaches,deliveringimmediateresultsandreturnoninvestment,withoutbeinghostagetothecat-and-mousegameoftraditionalfraudpreventionapproaches.

1Thesefiguresarebasedonrealdatacomingfromthe2milliontransactionspermonththataremonitoredby

theBioCatchsystem,togetherwithnumeroussimulatedtransactionexperiments.

Page 11: GLOBAL TRENDS IN ONLINE FRAUD (2016) · 2017. 10. 6. · accuracy and being able to deal with different types of replay attacks ... Employing cutting-edge behavioral biometric technology,

11

WHITEPAPER|InvisibleChallenges:BioCatch’sGame-ChangingTechnologyforOnlineFraudPrevention

AboutBioCatchTMBioCatchisacybersecuritycompanythatdeliversbehavioralbiometrics,analyzinghuman-deviceinteractionstoprotectusersanddata.BanksandotherenterprisesuseBioCatchtosignificantlyreduceonlinefraudandprotectagainstavarietyofcyberthreats,withoutcompromisingtheuserexperience.Withanunparalleledpatentportfolioanddeploymentsatmajorbanksaroundtheworldthatcovertensofmillionsofuserstodate,BioCatchhasestablisheditselfastheindustryleader.Thecompanywasfoundedin2011byexpertsinneuralscienceresearch,machinelearningandcybersecurityandiscurrentlydeployedinleadingbanksande-commercewebsitesacrossNorthAmerica,LatinAmericaandEurope.Formoreinformation,pleasevisit:www.biocatch.com

ContactUs

www.biocatch.com

[email protected]

@biocatch

www.linkedin.com/company/biocatch

BioCatchandInvisibleChallengesaretrademarksofBioCatchLtd.ThisreportreferstoBioCatch'sregisteredpatents:US9069942,US9418221,US9450971,US9477826,US9483292,US9531733,US9531701,US9547766,US9558339.Copyright2017.Allrightsreserved.


Burgess Replay

Burgess Replay

Documents
Replay Solutions CFD

Replay Solutions CFD

Technology
Biometric Systems Application Note - Homeland Security · PDF fileThe Biometric Systems Application Note was funded under Interagency Agreement ... Biometric Access Control ... Biometric

Biometric Systems Application Note - Homeland Security · PDF fileThe Biometric Systems Application Note was funded under Interagency Agreement ... Biometric Access Control ... Biometric

Documents
Record and Replay

Record and Replay

Documents
Employing refugees 2020...Biometric Residence Permit A Biometric Residence Permit (BRP) is issued to a person granted leave to remain in the UK. It will show the date the permit expires,

Employing refugees 2020...Biometric Residence Permit A Biometric Residence Permit (BRP) is issued to a person granted leave to remain in the UK. It will show the date the permit expires,

Documents
Biometric Authentication. Types of biometric identifiers · Biometric Authentication. Types of biometric identifiers Aleksandra Babich Bachelor ’s Thesis Degree Programme in Business

Biometric Authentication. Types of biometric identifiers · Biometric Authentication. Types of biometric identifiers Aleksandra Babich Bachelor ’s Thesis Degree Programme in Business

Documents
Karma: Scalable Deterministic Record-Replay · replay. During Karma's replay, special wakeup messages (like coherence acknowledgment messages) trigger parallel replay of independent

Karma: Scalable Deterministic Record-Replay · replay. During Karma's replay, special wakeup messages (like coherence acknowledgment messages) trigger parallel replay of independent

Documents
Capture & Replay

Capture & Replay

Documents
DrDebug: Deterministic Replay based Cyclic Debugging with ...ineamtiu/pubs/cgo14wang.pdf · design, experimentation Keywords deterministic replay, execution slice ... replay based

DrDebug: Deterministic Replay based Cyclic Debugging with ...ineamtiu/pubs/cgo14wang.pdf · design, experimentation Keywords deterministic replay, execution slice ... replay based

Documents
Cyrus: Unintrusive Application-Level Record-Replay for Replay Parallelism

Cyrus: Unintrusive Application-Level Record-Replay for Replay Parallelism

Documents
Replay museum

Replay museum

Documents
Biometrics. Topics Biometric identifier classification Biometric identifier characteristics comparison Multimodal Biometrics Biometric Standards Challenges

Biometrics. Topics Biometric identifier classification Biometric identifier characteristics comparison Multimodal Biometrics Biometric Standards Challenges

Documents
A New Encoding of Iris Images Employing Eight Quantization ... · Computer Engineering Department, Epoka University, Tirana, Albania . Email: {okoc12, auka}@epoka.edu.al . Abstract—Biometric

A New Encoding of Iris Images Employing Eight Quantization ... · Computer Engineering Department, Epoka University, Tirana, Albania . Email: {okoc12, auka}@epoka.edu.al . Abstract—Biometric

Documents
Light Field Based Biometric Recognition and Presentation ...€¦ · Keywords: Biometric Recognition, Biometric Presentation Attack Detection, Biometric Database, Light Field Imaging,

Light Field Based Biometric Recognition and Presentation ...€¦ · Keywords: Biometric Recognition, Biometric Presentation Attack Detection, Biometric Database, Light Field Imaging,

Documents
EndlessYouTube: Repeat/Loop/Replay YouTube EndlessYouTube: Repeat/Loop/Replay YouTube EndlessYouTube: Repeat/Loop/Replay YouTube

EndlessYouTube: Repeat/Loop/Replay YouTube EndlessYouTube: Repeat/Loop/Replay YouTube EndlessYouTube: Repeat/Loop/Replay YouTube

Documents
ORACLE 11g Database Replay - NYOUG...Oracle 11g Database Replay 16 DB Replay ––––PreProcessing Workload It transforms the captured workload data into Replay files It will create

ORACLE 11g Database Replay - NYOUG...Oracle 11g Database Replay 16 DB Replay ––––PreProcessing Workload It transforms the captured workload data into Replay files It will create

Documents
Employing Replay Connectors for SIEM Operator Education

Employing Replay Connectors for SIEM Operator Education

Documents
Compu training replay !

Compu training replay !

Education
REPLAY Series

REPLAY Series

Documents
Compu training replay

Compu training replay

Internet
Orchard Replay

Orchard Replay

Documents
Biometric Recognition Technologies and Biometric Applications

Biometric Recognition Technologies and Biometric Applications

Technology
Biometric information: introduction · Background to biometric ... information on biometric immigration documents (BIDs), ... introduction Background to biometric information enrolment

Biometric information: introduction · Background to biometric ... information on biometric immigration documents (BIDs), ... introduction Background to biometric information enrolment

Documents
The Growing Adoption of Biometric Technology · 2020. 12. 4. · Hacking Biometric Data • What happens when biometric data is hacked: • Examples of attacks (presentation, replay,

The Growing Adoption of Biometric Technology · 2020. 12. 4. · Hacking Biometric Data • What happens when biometric data is hacked: • Examples of attacks (presentation, replay,

Documents
Replay Brochure

Replay Brochure

Documents
Replay Troubleshooting

Replay Troubleshooting

Documents
Replay av option

Replay av option

Entertainment & Humor
Project REPLAY

Project REPLAY

Documents
RePlay Magazine

RePlay Magazine

Documents
Biometric Indicators 1 Running head: BIOMETRIC … Indicators-An...Biometric Indicators 1 Running head: BIOMETRIC INDICATORS ... passwords. Biometric indicators cannot be easily changed

Biometric Indicators 1 Running head: BIOMETRIC … Indicators-An...Biometric Indicators 1 Running head: BIOMETRIC INDICATORS ... passwords. Biometric indicators cannot be easily changed

Documents