Share this post
Stop playing whack-a-mole, use Behavioral Biometrics,
Avert any Zero-day Malware or new ATO scam.
What is Behavioral Biometric Analysis?
With every new day, comes a new malware variant, a new phishing scam or some other zero-day threat vector. Instead of playing whack-a-mole, behavioral biometrics can be used to shift the focus to the user and to detecting any signals – from any threat vector – that may indicate an account takeover attack.
Behavioral biometric technology is a highly accurate authentication technology that can identify users based on their behavior patterns.
It identifies unique, individual characteristics in how people type and interact with their mobile device or computer, instead of other common technologies that identify users based on their physical attributes (fingerprints, facial recognition), what they have (key fobs or phones), or what they know (passwords or out-of-wallet questions).
What is a BionicID™
The fundamental building block of a BionicID™ is behavioral biometrics.
Revelock collects thousands of non-PII parameters starting with behavioral biometrics – how a user handles a device – and layers on behavioral analytics – when from where and what the user accesses as well as which device and network and all the associated data about that device and network that is used to access a protected website or mobile application server.
Revelock takes a unique approach to verify users at every point in the customer journey by continually asking, “are you really you?”.
Other behavioral biometrics companies compare users against a database of known bad, or segments of good actors, trying to answer the question “do you look like a bad or good actor?”. This approach can be effective.
Still, in many cases, it is not granular enough. It does not provide complete coverage – leaving open the possibility that sophisticated bad actors will slip through early on in a new account signup process or at other points in the user journey.
The “do you look like a bad actor?” method of determining legitimate users vs. bad actors does not work in scenarios where insiders – people who have verified identities and are not part of the larger universe of cybercriminals – attempt unauthorized access to bank accounts.
Revelock BionicID™ are based on full user context and built to recognize every single user. They are established quickly and can start answering the question “are you really you?” accurately, in just a couple of interactions.
Revelock’s BionicID™ is a “cyber-DNA” or a digital fingerprint, built using thousands of parameters about the user’s context, based on behavioral biometrics, behavioral analytics and device profiling, network data, geolocation, malware patterns, and other threat intel data. As a result, it recognizes the real person behind each user in as little as two interactions, with a 99.2% accuracy in just milliseconds! |
What makes Revelock’s BionicID™ solution unique in fraud prevention?
BionicID™ data collection and analysis is the foundational technology in Revelock’s multi-channel fraud prevention solution. Revelock’s Fraud Detection & Response Platform is unique. It does not just detect anomalies, score risks and raise alerts; it also empowers fraud teams to simply configure the system to handle a number of fraud events automatically.
This Active Defense approach protects users without them even knowing about threats, reduces call center costs of having to respond to confused users, and reduces the burden on fraud analysts.
It frees fraud teams from handling routine alerts and instead uses Revelock Hunter to investigate more complex cases.
With Revelock, analysts can take a Pre-emptive Defense approach, take down bad actors and mule accounts and stop fraud before it happens.
How can BionicIDs™ be used to stop Impersonation and Manipulation attacks?
Impersonation Attacks start with stolen credentials, and Revelock Active Defense prevents malware or phishing attacks from stealing user credentials in the first place. Revelock Active Defense also allows banks to determine the appropriate actions to take when malware or phishing attacks are detected on user devices – and immediately, automatically, and silently protect those users as well as alert the bank’s fraud teams.
In today’s post-breach world, stolen credentials are readily available for bad actors to use to impersonate legitimate users. Stolen credential attacks require a different approach to stop since they are executed by credential stuffing bots and manually by humans. These kinds of attacks are detected, and account takeovers are prevented by Revelock BionicID™ analysis.
Manipulation Attacks utilize remote access software, either by fraudulently manipulating legitimate remote access software or having a victim execute a form of malware called a Remote Access Trojan. Either attack is designed to gain control of a victim’s device or, more typically, control a user’s banking session. This attack is easier to execute because it bypasses traditional account security, allowing a bad actor to control a victim’s account temporarily.
Revelock’s Active Defense BionicID™ analysis can detect and defeat both attack types stopping attempted session takeovers – protecting users and notifying the bank. Revelock analyzes thousands of users, network, and system parameters collected during every online interaction or operation to protect users from impersonation and manipulation attacks.
This data is processed in the cloud using hybrid AI models including Deep Learning to create a BionicID™ for all users, legitimate or bad actors at sign-up. From that point, the BionicID™ is continually updated and analyzed at every interaction, and a holistic risk score is calculated for each customer.
Depending on the risk, the system silently allows user access or stops bad actors. The bank has access to risk scores and can configure when to be alerted, and can also automate appropriate action to be taken.
For example, Revelock provides banks with two flexible response paths if an impersonation or manipulation attack is detected. The first is to immediately protect users at the point of attack. The second is to simultaneously:
- Alert the bank’s fraud teams of the attack and execute a follow-up response – ranging from sending user notifications,
- Stepping up authentication,
- Terminating a session, or
- Locking the account
Stopping fraud before it happens.
What is BionicID™ analysis best suited for?
BionicIDs™ are most commonly used for anti-fraud or user verification applications but have primarily been used by financial institutions to avert any zero-day malware or new ATO scams.
In online behavioral biometrics in banking applications, BionicID™ analysis can provide effective fraud protection against manipulation or impersonation-based attacks such as Account Takeover (ATO) fraud, as well as malware-based ones such as Remote Access Trojan (RAT).
Besides online banking access, BionicID™ analysis can also be applied to other use cases such as detecting New Account Fraud, Card Not Present, or when 3D Secure verifications are required.
Does BionicID™ data collection or analysis impact the User Experience (UX)?
BionicID™ data collection is entirely transparent for end-users, and the data analysis is invisible without requiring users to take any extra steps. Furthermore, it works in the background and provides passive biometric verification to confirm the person behind the online session is always the genuine user.
When a BionicID™ anomaly is detected, it generates the need for additional authentication (multi-factor authentication). Similarly, during a 3D Secure stepped-up verification, users may be required to take additional steps to verify their identity.
Deep learning algorithms continuously evaluate the incoming flood of behavioral biometric data on the financial institution’s side. This evaluation will result in a seamless and secure user experience or, in the case of anomalous activity, trigger an automated response to stop an attack and follow-up alert to notify the bank of the attack and the actions taken to prevent it.