BioCatch Fraud Detection CHECKLIST. 6 Use Cases Solved with Behavioral Biometrics Technology



Similar documents
Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath

Protect Your Business and Customers from Online Fraud

Meeting FFIEC Guidance and Cutting Costs with Automated Fraud Prevention. White Paper

Five Trends to Track in E-Commerce Fraud

Transaction Anomaly Protection Stopping Malware At The Door. White Paper

10 Things Every Web Application Firewall Should Provide Share this ebook

WHITEPAPER. Combating Cybercrime A Collective Global Response

Modern two-factor authentication: Easy. Affordable. Secure.

Prevent Malware attacks with F5 WebSafe and MobileSafe. Alfredo Vistola Security Solution Architect, EMEA

Supplement to Authentication in an Internet Banking Environment

RSA Web Threat Detection

ACI Response to FFIEC Guidance

Online Banking Risks efraud: Hands off my Account!

FFIEC Supplemental Guidance to Authentication in an Internet Banking Environment. Robert Farmer Senior Technology Compliance Manager

User Behaviour Analytics

Looking Behind the Attacks - Top 3 Attack Vectors to Understand in 2015

The thriving malware industry: Cybercrime made easy

The Cloud App Visibility Blindspot

KASPERSKY FRAUD PREVENTION FOR ENDPOINTS

AANVAL INDUSTRY FOCUS SOLUTIONS BRIEF. Aanval for Financial Services

Fighting Advanced Threats

Protecting Against Online Fraud with F5

Winning the war on cybercrime: Keys to holistic fraud prevention

THE 2014 THREAT DETECTION CHECKLIST. Six ways to tell a criminal from a customer.

How Do I Log Into Mobile Banking?

Securing Your Business s Bank Account

Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection INFORMATION SECURITY & RISK MANAGEMENT

Analytics, Big Data, & Threat Intelligence: How Security is Transforming

How To Protect Your Online Banking From Fraud

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

XYPRO Technology Brief: Stronger User Security with Device-centric Authentication

Advanced Security Methods for efraud and Messaging

Factoring Malware and Organized Crime in to Web Application Security

Entrust IdentityGuard

AUTHENTIFIERS. Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes

ecommercial SAT ecommercial Security Awareness Training Version 3.0

Sound Business Practices for Businesses to Mitigate Corporate Account Takeover

Protecting Your Business from Online Banking Fraud

Beyond passwords: Protect the mobile enterprise with smarter security solutions

CUSTOMERS & CRIMINALS: USE WEB SESSION INTELLIGENCE TO DETECT WHO IS WHO ONLINE

Network that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE

Commissioned Study. SURVEY: Web Threats Expose Businesses to Data Loss

FSOEP Web Banking & Fraud: Corporate Treasury Attacks

WHITE PAPER Fighting Banking Fraud Without Driving Away Customers

How Advanced Attacks Get Past Traditional Controls

ONLINE AND MOBILE BANKING, YOUR RISKS COVERED

Online Account Takeover. Roger Nettie

Mobile Banking. Secure Banking on the Go. Matt Hillary, Director of Information Security, MX

CITADEL TROJAN OUTGROWING ITS ZEUS ORIGINS

Selecting the right cybercrime-prevention solution

MITB Grabbing Login Credentials

Combating Cybercrime A Collective Global Response

Executive Summary 3. Snowden and Retail Breaches Influencing Security Strategies 3. Attackers are on the Inside Protect Your Privileges 3

Visualizing Threats: Improved Cyber Security Through Network Visualization

Electronic Fraud Awareness Advisory

A Practical Guide to Anomaly Detection

Protecting Online Customers from Man-inthe-Browser and Man-in-the-Middle Attacks

A new fake Citibank phishing scam using advanced techniques to manipulate users into surrendering online banking access has emerged.

Anthony Minnaar Dept of Criminology & Security Science School of Criminal Justice College of Law University of South Africa

The Cloud App Visibility Blind Spot

Security Bank of California Internet Banking Security Awareness

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

Marble & MobileIron Mobile App Risk Mitigation

Payment Fraud and Risk Management

Online security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat.

Kaspersky Fraud Prevention platform: a comprehensive solution for secure payment processing

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

Case Study SMS Two Factor Authentication. Contact us Infracast Ltd, Merlin House Brunel Road, Theale, Berkshire, RG7 4AB

WHITEPAPER. Fraud Protection for Native Mobile Applications Benefits for Business Owners and End Users

V ISA SECURITY ALERT 13 November 2015

Innovations in Network Security

White Paper. FFIEC Authentication Compliance Using SecureAuth IdP

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks

Symantec Mobile Security

INTELLIGENCE DRIVEN FRAUD PREVENTION

The evolution of virtual endpoint security. Comparing vsentry with traditional endpoint virtualization security solutions

Powering Security and Easy Authentication in a Multi-Channel World

Transforming the Customer Experience When Fraud Attacks

THOUGHT LEADERSHIP FIGHTING ONLINE FRAUD: AN INDUSTRY PERSPECTIVE VOLUME 3

Advancements in Botnet Attacks and Malware Distribution

October 2015 Issue No: 1.1. Good Practice Guide Transaction Monitoring for HMG Online Service Providers **Not for sharing on Huddle**

RSA Adaptive Authentication For ecommerce

WHITE PAPER Moving Beyond the FFIEC Guidelines

INDUSTRY OVERVIEW: FINANCIAL

F5 (Security) Web Fraud Detection. Keiron Shepherd Security Systems Engineer

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

isheriff CLOUD SECURITY

Online Cash Manager Security Guide

RSA Adaptive Authentication and Citrix NetScaler SDX Platform Overview

A CHASE PAYMENTECH WHITE PAPER. Expanding internationally: Strategies to combat online fraud

Making Windows Secure by Design

Best Practices in Account Takeover

THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS

Cybersecurity Policies and Best Practices: Protecting small firms, large firms, and professional services from malware and other cyber-threats

Layered security in authentication. An effective defense against Phishing and Pharming

JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM

Seminar Conduct and Protocol Nicholas Witchell, for Payments UK. Welcome Maurice Cleaves, Payments UK

Are All High-Risk Transactions Created Equal?

Key Authentication Considerations for Your Mobile Strategy

Microsoft s cybersecurity commitment

Transcription:

BioCatch Fraud Detection CHECKLIST 6 Use Cases Solved with Behavioral Biometrics Technology

1 2 MAN-IN-THE- BROWSER MALWARE ATTACK DETECTION (E.G. DYRE, NEVERQUEST) REMOTE ACCESS (RAT) DETECTION Challenge: Cybercriminals infect customers with financial malware that waits for a genuine user to login into an online banking site and then carries out fraudulent transactions automatically. Solution: Unlike existing malware detection solutions that create alerts when a device becomes infected, BioCatch identifies the actual attacks. In addition, and unlike in existing solutions, BioCatch s approach works on ALL types and variants of malware and will not generate false alarms when an infected machine is not actually attacking (most cases). - Detects most malware attacks - No false alarms - Not susceptible to evasion techniques Challenge: RATs provide cybercriminals with unlimited access to infected endpoints. Cybercriminals use RATs to access the online banking site via the user s genuine device. RAT functionality is a standard feature within financial malware and is becoming the weapon of choice for most fraud attacks especially in commercial banking. Solution: By analyzing a user s movement fluency and other behavioral attributes, BioCatch can detect remote access attacks. - Detects 100% of Malicious RAT attacks in real time such as DarkComet, Dyre, DriDex, ProRat, VNC and RDP Add-ons to Zeus and Citadel - Very low false alerts 2

3 4 DETECTION OF BOT AND AGGREGATORS AT LOGIN NEW ACCOUNT SETUP (AND E- COMMERCE) FRAUD DETECTION Challenge: Certain online banking login attempts are performed automatically by scripts. Fraudsters use botnets (a network of infected computers) to automatically login to accounts with stolen credentials in order to check their validity. Aggregators (such as Yodlee, MoneyCenter, Mint, and BillGaurd) use a similar mechanism to login and scrub account information (later presented through their apps). Naturally, banks have a vested interest in identifying both types of activities and distinguishing between them. Solution: BioCatch s Behavioral Biometrics analyzes user login behavior to correctly identify between benign access (aggregators) and criminal access (botnets) Detect Bot attacks and aggregators to stop fraudulent access with stolen credentials. Challenge: Banks place greater emphasis on stronger authentication to prevent account takeover. Therefore, cybercriminals have started to shift their focus to the enrollment phase where fraud is committed by setting up online accounts using stolen/synthetic identity data. New account fraud typically occurs within 90 days following the opening of an account created with the sole intent to commit fraud. Solution: BioCatch analyses the behavior of users throughout the application process and is able to distinguish between normal new account opening behavior and anomalous behavior by analyzing the following features: user expertise, high application fluency and lack of data familiarity. Reduce new account fraud 3

5 6 DETECTION OF ACCOUNT TAKEOVER FRAUD AT LOGIN/ TRANSACTION ADD RISKY FEATURES TO MOBILE BANKING (ADD PAYEE, HIGHER TRANSFER AMOUNT) Challenge: Device spoofing techniques (e.g., FraudFox) and other evasion tactics are eroding the effectiveness of device fingerprinting solutions. Consequently, account takeover fraud is on the rise. Solution: BioCatch can detect users that exhibit behavior consistent with known fraudsters or criminal behavior. Coupled with behavioral biometric authentication, BioCatch can detect many fraud attempts missed by current solutions. - Reduces account takeover logins and fraudulent transactions - Fewer alerts Challenge: Bank customers are demanding more services on their mobile devices. Banks are struggling to add more functionality to their mobile apps in a usable way without taking on more risk. Asking a user to enter a username and password to approve a mobile transaction creates friction and is frowned upon by customer experience experts. Solution: Banks can add BioCatch s behavioral authentication data to their risk engine, improving their risk scoring and mitigating risk to an acceptable level for new mobile functionality. - Keeps banks at the forefront of the digital channel - Enhances the customer s experience - Shifts traffic from costly channels like branch and call center calls to the mobile app 4

BioCatch is a leading provider of Behavioral Biometric TM, Authentication and Malware Detection solutions for mobile and web applications. Available as a cloud-based solution, BioCatch proactively collects and analyzes more than 500 cognitive parameters to generate a unique user profile. Banks and online & mobile stores use BioCatch to significantly reduce friction associated with risky transactions and protect users against cyber threats, such as Account Takeovers, Man-in-the-Browser (MitB) Malware and Remote Access (RAT) attacks. The Company was founded in 2011 by experts in neural science research, machine learning and cyber security and is currently deployed in leading banks across North America, Latin America and Europe. For more information, please visit www.biocatch.com Contact us: info@biocatch.com Follow us: Behavioral Biometrics Blog, LinkedIn, Twitter 2015 BioCatch Ltd

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information