Top banks in Australia are collaborating in a financial crimes intelligence network created by BioCatch, a company that provides 34 of the 100 largest banks worldwide with the ability to identify suspected fraud by analyzing their customers’ physical behavior patterns and cognitive signals during a digital banking session.

The company’s intelligence engine, available on a software-asa- service (SaaS) basis, collects behavioral biometric signals as well as signals related to digital banking, payments, accounts, devices, IP and geolocation and nonmonetary activity.

Those signals are then provided to clients to be combined with the nondigital information from other fraud fighting technology they deploy. An API connects BioCatch to its customers.

BioCatch technology fights financial crimes involving new bank accounts, credit and debit card accounts and account takeovers, money laundering, social engineering scams (including deep fakes and voice spoofing), noncard ATM withdrawals, virtual card issuance, money mules and one-time passcodes.

Australia, where 9 of the country’s 10 largest financial institutions are BioCatch customers, is the first country in the world in which competitors have chosen to collaborate on behavior and device-sharing intelligence. Called BioCatch Trust, the network is focused on fighting authorized push payment (APP) fraud and social engineering scams.

APP fraud is harder to spot than unauthorized fraud. However, there are behavioral characteristics evident in a digital banking session involving APP fraud that differ from a typical online or mobile session.

The same is true for social engineering scams. Voice-based scams, where a criminal is coaching a victim to send money, tend to be significantly longer sessions.

BioCatch Trust operates in real time to determine the trustworthiness of a transfer of funds between sending and receiving financial institutions. The network adds signals not found within any individual member’s transaction review.

Financial institutions that hold the sender’s account gain the ability to interrupt a transfer before any money leaves an account. This allows for extra steps to be taken to confirm the validity of a transaction with the sender.

Authorized push payment fraud and social engineering scams typically originate via an email, text message or social media post. Funds are then sent to a mule account. Successfully laundering money can involve up to 10 accounts.

There are three types of mule accounts. An accomplice account involves a willing participant who executes a transaction on behalf of a criminal. Other people sell their existing accounts to criminals. And there are honest people who are deceived by a criminal into laundering money.

BioCatch Trust observes Australia’s consumer privacy rules, including using pseudonymization technology to protect identities. The concept can work in any country.

INTERVIEWED FOR THIS ARTICLE Tim Dalgleish is Senior VP, Emerging Solutions & Networks at BioCatch in Melbourne, Australia, tim.dalgleish@biocatch.com, www.biocatch.com.
Prior issues: 1203, 1186, 1146, 1108, 1061