BioCatch, the global leader in behavioural biometrics, has introduced a new offering to help protect consumers from phone scams known as vishing, a type of Authorised Push Payment (APP) fraud, in response to the growing vishing epidemic.
Vishing, which involves fraudsters impersonating bank or other officials such as the police to trick victims into transferring funds, has become the fastest growing social engineering scam in the United Kingdom. UK Finance reported that in the first half of 2018, nearly 4,000 UK banking customers lost an average of more than £9,000 each due to vishing scams.
The new offering from BioCatch detects subtle changes in known user behaviour that suggest the victim is under the influence of a criminal, unwittingly taking instruction to conduct fraudulent money transfers. Leveraging 39 patented advanced data science and AI techniques and 25 more with patents pending, BioCatch analyzes the user’s online interactions in real-time and generates powerful behavioural insights. Among these insights are indicators that suggest a person is conducting a transaction under the influence of a fraudster. By flagging this in real-time, banks are able to prevent significant customer losses and better protect their assets.
Avi Turgeman, Founder, CTO & Vice President of Business Development at BioCatch, said: ‘Vishing, a type of APP fraud, is one of the hardest social engineering scams to detect because it’s essentially a person defrauding him or herself while under the influence of a con artist. Traditional fraud detection measures do not work in this instance - the real person is logging in from their own device at the correct location conducting a fully authorised transfer. Nonetheless, by analysing more than 2,000 potential behavioural parameters in real time that does not disrupt the user journey, BioCatch can discern whether or not a person is being directed by a fraudster. Having proven this capability with our leading UK banking customers already, we are pleased to be able to play a key role in addressing this extremely vexing challenge for others as well.’
In a typical vishing fraud, the criminal dupes their victims into performing financial transactions. For example, a fraudster may call the victim disguised as a security official from his or her bank and, after establishing trust, coerce the victim into transferring funds from his or her account into the scammer’s account as a ‘security measure.’ Other forms of impersonation include pretending to be a law enforcement representative.
According to the UK Finance report, British banking customers lost £500m to fraudulent schemes in the first half of 2018 alone, the majority of which came from “unauthorised fraud” (i.e., hacking of user accounts.) During these six months, there were 3,866 confirmed cases of vishing (“authorised fraud” or “impersonation”) in the UK, with the scams leading to £36.6M in customer losses.
Julie Conroy, Research Director of Aite Group’s Retail Banking & Payments Practice, added: ‘Scammers are adept at preying on people’s fears and taking advantage of their trust, and they get better and better at impersonating officials with the host of personal data that is available on the dark web. As opposed to traditional authentication and standard fraud detection techniques, the BioCatch approach works particularly well in the case of vishing because it relies on subconscious user behaviour that divulges whether a person is under the influence of a fraudster. In addition to the obvious advantage of keeping money from ending up in the hands of criminals, behavioural biometric technology is great for banks because it maintains a frictionless online experience for their customers’.