Last week, our sibling site FindBiometrics published part one of an extensive interview with Frances Zelazny, Chief Strategy & Marketing Officer, BioCatch. That first half of her conversation with Peter Counter, Managing Editor of FindBiometrics and Mobile ID World, dealt with how behavioral biometrics can thwart sophisticated vishing fraud attacks, the behavioral insights market, and BioCatch’s latest partnerships.
Now, on the heals of Zelazny’s speaking engagement at this week’s K(NO)W Identity Conference in Las Vegas, Mobile ID World is proud to present part two of the interview in which she delves into BioCatch’s focus on biometrics education and new fraud threats facing today’s enterprises. The interview concludes with a review of BioCatch’s recent successes, including the expansion of its robust patent portfolio.
Read part two of our interview with Frances Zelazny, Chief Strategy & Marketing Officer, BioCatch:
Peter Counter, Managing Editor, FindBiometrics & Mobile ID World: If we look at the industry in a larger perspective, something I really appreciate about BioCatch is your frequently updated company blog, it’s a really great educational resource when it comes to cybersecurity and fraud prevention and just staying up to date in what is going on in behavioral biometrics. Why do you think education so important in the biometrics industry?
Frances Zelazny, Chief Strategy & Marketing Officer, BioCatch: I think that in general there are a lot of misconceptions with biometrics. In the early days when people didn’t know what biometrics was, it was incumbent on the industry to really educate and separate fact from fiction and I think the need continues today. From our point of view, we not only need to educate on behavioral biometrics, but how BioCatch goes beyond.
MIDW: Speaking on your blog, you wrote a very fascinating piece back in November on the state of American identity and the main takeaway for me was that America is truly in a fraud a data breach crisis and second of all the lack of standard national ID is part of the problem. Do you think biometrics can help play a role in remedying this issue and what role can behavioral biometrics play in building this strong identity framework for Americans?
BioCatch: What I said in the blog is that it is a very American thing not to have a national ID; it is at the core fabric of American society and I think that creating one would be quite difficult.
The world of behavioral biometrics in this is interesting because the fact that so many data breaches have occurred and so much personal information is already out there, the fact that somebody actually has an ID or the fact that somebody is entering specific information online does not necessarily mean that it’s that person. So, behavioral biometrics can solve two problems: one is to distinguish whether someone is using stolen or synthetic identity in an online process because normally based on the fraudsters that are trying to go through the process as fast as possible so if somebody is applying for a government benefit or whatnot they may be able to based on the way that information is entered to weed it out and understand those behaviors. You also could correlate existing ID’s with behavioral profiles to see whether the online behavior matches the known behavior of that particular user.
So, it is all about layering and correlating data and creating trusted frameworks, and there is no single piece of information that would lead you to the answer. It is all about connecting the dots over and over and over again. And this is the AI element of behavioral biometrics is also very interesting, because unlike finger and unlike face your behavior does change by definition over time, and so you can use the behavior to strengthen that person’s profile continuously.
MIDW: That speaks a lot to how artificial intelligence works within your platform. It is really fascinating that everything you do within a behavioral system is almost like authentication and re-enrollment at the same time. It is a fascinating cycle.
BioCatch: Yes, that’s what we do. That’s what we do when we create a profile and capture these points over and over again, strengthening it and looking for points of differentiation. That is another very interesting thing about our approach; unlike face or finger where you are looking for fixed points and then you are looking at the measurement between those points. With behavior, it’s the opposite. At the scale that we are at, we know how the general population behaves and we are looking for points of uniqueness in order to distinguish you from other people. You profile then, will be based on different points than what my profile is based on because what makes you unique is different than what makes me unique.
MIDW: Right, that is super fascinating, that is really cool. Something else in your blog post that stuck out to me is the increase in data breaches that affect minors recently and I’m wondering what factors are making youth and children vulnerable to cyber fraud?
BioCatch: It is the same reasons; the fraudsters are going to the data breaches and because the minors have clean slates it is easier to get past them. So, they will take a kid’s social security which is legitimate and then they will add other information to make up a synthetic identity.
MIDW: What are some of the biggest fraud threats other than vishing that are facing enterprises in 2019?
BioCatch: Vishing is a subset of this authorized push payment fraud but if you actually look at all the different types, traditional phishing continues to be number one. I have a personal story that I love to tell just to emphasize how we are all vulnerable to these kinds of attacks. The background of the story is that my husband and I were remodeling our apartment last year and I got an email from his cousin who is an architect saying, “Here are the files that you asked me to review.”
And I emailed back saying, “What files?” And I get a response back saying, “The files that you sent, and they were too big so I put them in DropBox, and all of my comments are in there so just click this link.”
I emailed back again and said, “What files were there?”
And the reason that I was questioning this, is that this cousin and I never exchanged emails, we always communicated via text messages. During this exchange I got a text message from him letting me know that his work email had been hacked and not to click on anything he had sent. If I hadn’t worked for BioCatch with my radar being up all the time, I probably would have clicked and gotten hacked myself!
MIDW: That was such a close call but it really does illustrate how big a threat this kind of thing is.
We just completed our 2018 Year in Review at FindBiometrics and I’m wondering what were some of BioCatch’s highlights from your company’s perspective?
BioCatch: We had a really great year. We’re up to 90 million users. All of our customers are enterprise accounts, so it just speaks to the volume of customers that we are working with. We had a great patent year as well and we are up to 39 granted patents and another 25 that are pending which is tremendous for a company of our size. We’ve added partnerships with FacePhi, Entersekt, ForgeRock, and ACI so we are expanding our ecosystem. We are also expanding our use cases, like vishing, and introduced these insights. Before we used to just give a risk score but now, we are providing indicators as well. We now have a full suite of offerings that provides value across the digital lifecycle, with demonstrable ROI – by our customers’ estimates, it is 10-15x return on investment. We had an amazing 2018 and I’m really excited for 2019 as behavioral biometrics is becoming a household term, and there is a lot of good momentum already just in the first quarter.
MIDW: Fantastic! Congratulations on all of that, it sounds like an amazing year and there are so many cool things that BioCatch is up to. Thanks for taking the time to talk with me today.
BioCatch: Thank you Peter, I appreciated it.
Follow Us