It was seven years ago in the weekly update with the Data Science team. As Chief Cyber Officer and co-founder of behavioral biometrics company BioCatch, which specializes in online fraud detection, this was my favorite internal meeting: there were always
some new tricks the fraudsters did which the team picked up on, and it was pure fun to learn about them.
This time we were looking at a comment made on one of the records in the weekly fraud file we got from a top 5 UK bank. Normally the records just marked online banking transactions that were reported by a customer as fraud; the data was basically used to
train the behavioral biometric model to predict future fraud. Some records contained a brief account of the frau circumstances, but this particular record had a very long and descriptive comment, telling the story of a sophisticated social engineering con.
If you’re interested in how it was carried out, I covered it in a prior blog, titled
The Perfect Crime. In a nutshell, though? It was the first APP scam we encountered.
That blog was written a couple of years afterwards using 20:20 hindsight, and also talked about the huge advances in detection the banking industry has made, including data sharing and using micro-behavior analysis to track things like distraction, hesitation
or the signs of being guided, but back in 2016 this was still just a weird anomaly. The behavioral biometric AI missed it completely, predicting a low ATO (Account Takeover)…
