Skip to main content

Overview

Account takeover fraud occurs when malicious actors gain control of legitimate users’ accounts to conduct fraudulent activities such as unauthorized transactions, data theft, change of contact details, or other malicious actions. The BioCatch connector helps financial organizations detect and prevent unauthorized access to their members’ accounts. The connector uses BioCatch technology to analyze a user’s unique physical and cognitive digital behavior during online sessions. This includes capturing the behavioral biometrics of a user - how they type, move the mouse, swipe, tap, and interact with their device. The BioCatch platform continuously monitors these behaviors from login to logout, establishing a baseline profile for legitimate users. This connector integrates seamlessly with Grand Central and the Grand Central Unified API Specification to provide comprehensive account takeover prevention.

How It Works

Behavioral Biometric Analysis

When a user logs in or performs sensitive actions:
  1. Behavior Capture: BioCatch monitors and captures:
    • Typing patterns and rhythm
    • Mouse movements and clicks
    • Swipe and tap patterns (mobile)
    • Device interaction methods
    • Scrolling behavior
    • Navigation patterns
  2. Profile Comparison: The system compares current behavior against:
    • User’s historical behavioral baseline
    • Known legitimate user patterns
    • Typical behavior for similar actions
  3. Intelligence Collection: In addition to biometrics, BioCatch collects:
    • Device type and model
    • IP address
    • Browsing location
    • Device fingerprint
  4. Risk Assessment: Real-time insights are provided based on:
    • Behavioral anomalies
    • Device irregularities
    • Location inconsistencies
    • Historical profile deviations

Risk Scoring

For successful transactions, the BioCatch connector retrieves a risk score indicating the likelihood of fraudulent account takeover.

Risk Score Range

  • Scale: 0 to 1000
  • 0: Lowest likelihood of fraudulent account takeover
  • 1000: Highest likelihood of fraudulent account takeover

Automated Response Actions

Retrieved risk scores can trigger pre-configured actions based on score thresholds:
  • Step-up authentication: Require additional verification for medium-risk activities
  • Transaction review: Flag transactions for manual review
  • Temporary account blocking: Restrict account access for high-risk sessions
  • Session termination: End sessions with extreme risk indicators
  • Alert generation: Notify security teams of suspicious activity
Threshold configurations are customizable based on the financial institution’s risk appetite and security requirements.

Key Features

  • Continuous monitoring: From login to logout, every interaction is analyzed
  • Behavioral biometrics: Unique physical and cognitive digital behavior analysis
  • Device intelligence: Comprehensive device and location information collection
  • Real-time risk scoring: Instant risk assessment during user sessions
  • Baseline profiling: Establish and maintain profiles for legitimate users
  • Anomaly detection: Identify deviations from normal user behavior patterns
  • Configurable responses: Automated actions based on risk score thresholds

Detection Capabilities

Behavioral Analysis

  • Typing dynamics: Keystroke timing, rhythm, and pressure patterns
  • Mouse behavior: Movement speed, patterns, clicks, and precision
  • Touch interactions: Swipe patterns, tap pressure, and gesture analysis
  • Navigation patterns: Page interaction sequences and browsing behavior
  • Cognitive indicators: Decision-making speed and interaction consistency

Device and Location Intelligence

  • Device recognition: Identify known vs. unknown devices
  • Location tracking: Detect unusual geographic locations
  • IP analysis: Monitor for suspicious IP addresses or VPN usage
  • Device fingerprinting: Track device characteristics and changes
  • Browser information: Analyze browser type, version, and settings

Use Cases

Account Takeover Prevention

Monitor user sessions in real-time to detect unauthorized access attempts before fraudulent activities occur.

Transaction Authorization

Assess risk for high-value or sensitive transactions to determine appropriate authentication requirements.

Login Security

Evaluate login attempts to distinguish between legitimate users and potential attackers.

Session Monitoring

Continuously monitor entire user sessions to detect suspicious behavior at any point.

Step-Up Authentication Triggers

Automatically require additional authentication when behavioral anomalies are detected.

Supported Operations

Through the Grand Central Unified API Specification:
  • Monitor and secure customer digital journeys
  • Retrieve real-time risk scores based on biometric and location data
  • Access detailed analysis of behavioral patterns
  • Configure risk score thresholds and automated responses
  • Query historical user behavior profiles

Integration Benefits

  • Proactive fraud prevention: Detect account takeover attempts before damage occurs
  • Frictionless security: Invisible protection that doesn’t impact legitimate user experience
  • Real-time protection: Instant risk assessment during user sessions
  • Comprehensive analysis: Multi-factor evaluation combining behavioral and device data
  • Configurable thresholds: Adapt risk responses to your institution’s risk appetite
  • Automated responses: Reduce manual review with intelligent risk-based actions
  • Continuous improvement: Behavioral profiles evolve with user patterns
  • Scalable solution: Handle high-volume session analysis efficiently
  • BIAN compliance: Standardized security interactions based on BIAN framework