Combating Fraud in a Faster Payments World with Behavioral Biometrics: What Canada Can Learn From the UK Experience

As Faster Payments comes to Canada, businesses and consumers will be able to benefit from same-day transaction processing, providing quicker access to payroll, account transactions and the like. While beneficial for businesses and consumers, this raises the bar for risk and fraud, and will necessitate banks and other financial institutions to review thousands of additional transactions per day, potentially leading to a significant increase in staff and operational costs.

When the UK went through this transition, they saw banking fraud volumes triple as the traditional defenses could not keep up with fraudsters' evolving tactics. Operational costs also soared. Two-Factor Authentication could not stop the fraud, and in fact 100% of current fraud in the UK occurs inside strongly authenticated sessions. Cyber criminals find clever ways to circumvent those controls by using malware, Remote Access and Social Engineering techniques, often combined in elaborate and highly advanced attacks

With real time payment becoming a reality, Canadian banks have a lot to learn from their UK counterparts on how they tackled fraud in a post-faster-payment era, balancing user experience with security controls. In this executive roundtable dinner, Naresh Vyas from the Royal Bank of Scotland - one of the leading UK banks - will share their experience around what works and what doesn't work against advanced threats. BioCatch's Frances Zelazny will share the latest emerging online fraud trends, and take the audience through time as she follows the way criminals adapted to UK banks' defences in the last 10 years, and how the industry responded.

BioCatch delivers behavioral biometrics, analyzing human-device interactions to protect users and data. In the digital world, the use of this technology allows for passive, continuous authentication, generating actionable risk scores that are used to prevent fraud in real-time. BioCatch is frictionless, requiring no additional third-party messaging or any other extra steps for a user to verify their identity. The system picks up the way a user naturally interacts with a device or with an application to create a user profile and detects the difference between an authorized user and an imposter, whether it is an unauthorized human user, or some malware, bot or aggregator.

Behavioral biometric attributes reflect the way a user holds a mobile device, touches it and interacts with it. How does the user hold the device? What happens when they scroll or swipe? Do they use their right finger or left one? Finger or thumb? What specific thumb motion (there are two main types). On a PC, most of the analysis has to do with hand-eye coordination, which is a primary function in motor control. This is reflected in the mouse and trackpad motion. BioCatch doesn\'t just measure mouse motion parameters such as speed, acceleration and curvature; our patented algorithms look at the way the user\'s hand-eye coordination operates: the eyes follow the cursor on the screen, the brain calculates the path, and the hand moves the physical device. The hand-eye coordination function is different between users, and BioCatch models that.

Typical use cases for BioCatch include:
- Reducing friction and eliminating the need for security controls on low risk, low-value transactions
- Fighting account takeover, social engineering and vishing fraud through behavioral biometrics
- Detecting malware, remote access Trojans and highly sophisticated scripted attacks
- Preventing the use of synthetic and stolen identities during the digital onboarding process to prevent new account fraud.

BioCatch demonstrably lowers friction, reduces false positives and generate ROI not only on fraud savings, but also on the overall reduction in operational costs. To hear how the BioCatch technology can improve fraud detection and generate results like the ones seen by RBS, please register for our dinner on the 22nd of January.