For years now, as biometric technology has advanced, we’ve seen one start-up after another crop up and tell us that passwords will soon be a thing of the past. The latest pretender to the password’s throne is BioCatch. Rather than using physiological metrics such as fingerprints or heart rate, BioCatch tracks user behaviour – specifically, how they use their computer or smartphone. “Essentially, it’s a way to authenticate your mind by observing what you do and how you do it,” says co-founder Uri Rivner.
BioCatch examines up to 450 different physical measures, from the amount of pressure you apply when pressing a button, to how you manipulate a mouse, to whether or not you correct your own typos or leave it to Autocorrect. From all of these different metrics, BioCatch forms a behavioural fingerprint which functions as your password and prevents fraudsters from impersonating you online. According to Stephen Mayhew at Biometric Update, rigorous testing of BioCatch has “demonstrated an 80 percent reduction in false positives for detecting the same amount of fraud, as well as spotted cybercrime activities that other solutions failed to detect, such as remote access attacks and malware.”
BioCatch has been designed to be compatible with existing security and fraud detection systems, and is being piloted with banks. Aside from the evident security benefits, Rivner also sees BioCatch as an experience-enriching proposition. “When Apple introduced its fingerprint scanner, people considered it a security play,” he says. “It’s not a security play. It’s a convenience play. It’s more convenient to use the fingerprint than to type a four digit PIN. The race today is to reduce friction. That’s the number one thing: to make it more convenient.”
This seamless user experience has been recognised by Gartner’s Market Guide for Online Fraud Detection, which included BioCatch in its list of approved vendors who deliver “passive” biometric analysis. “[Passive biometric analysis] is done behind the scenes and is transparent or unknown to the user,” analyst Avivah Litan explains in the report. “By 2017, passive biometric analysis will become a standard feature of at least 30% of one-stop fraud detection solutions – up from less than 1% today.”