BioCatch launches behavioral biometrics for PSD2 compliance

BioCatch has reached the implementation stage with its behavioral biometric solution for compliance with the Strong Customer Authentication (SCA) requirement of Europe’s Payment Services Directive 2 (PSD2) to help banks and financial institutions to improve compliant customer experiences.

The company has begun implementing its behavioral biometrics into customer interfaces for several customers, according to the announcement. This will enable them to meet the new March 2022 deadline for SCA implementation in the UK.

“Since it operates in the background, behavioural biometrics enables a secure, customer-centric experience by analyzing a user’s digital behaviour without increasing friction,” says Howard Edelstein, chairman and CEO of BioCatch.

A top five U.S. bank using BioCatch’s behavioral biometrics recently experienced a sustained account takeover attack, with cybercriminals using social engineering to gain control of accounts, according to a case study published by the company. The attackers would then enroll the customer in payment service Zelle, and initiate fraudulent payments. The deeper visibility provided by BioCatch’s risk score enabled the client to identify fraudulent activity, and eventually stem the attack.

BioCatch is launching a series of events on the use of behavioral biometrics for ecommerce compliance with SCA on July 28 to help broaden industry understanding of the compliance journey.

UK banks take different approaches to SCA deadline

The six-month SCA extension will be used in different ways by various UK banks, according to a LexisNexis Risk Solutions survey reported by London Loves Business.

While just over 4 in 10 (42 percent) plan to use the extra time to improve and enhance their planned SCA systems, others appear to be preparing to do the least they must to meet requirements, and then adapt their systems.

“Behavioural Biometric Authentication is a good example of what can be done with this extra time, as it buys more time for things like profile baselining, an essential component of biometric authentication,” states Dan Holmes, solutions director at LexisNexis Risk Solutions. “On behavioural biometrics specifically however, what the poll results really show us is the uncertainty around SCA compliance and a potential gap in who defines what a ‘compliant’ authentication strategy is – As well as what parameters this should be set within.”

The survey also revealed that only 12 percent of financial institutions share data from across the customer journey.=

Advice on boosting privacy and compliance

With compliance and privacy in focus for many financial institutions, BehavioSec suggests four different ways behavioral biometrics can help in a blog post.

Behavioral biometrics provide a dynamic solution, BehavioSec says, act as an additional factor for multi-factor authentication (MFA), avoid the risk associated with static factors that can be stolen, and avoid the bias and presentation attacks sometimes associated with other biometric modalities.

The insights shared in the blog post are largely drawn from the ‘2021 Global Data Privacy Regulation of Physical & Behavioral Biometrics’ report from BehavioSec and Good Intelligence.

Article Topics

behavioral biometrics  |  Behaviosec  |  BioCatch  |  biometrics  |  ecommerce  |  financial services  |  LexisNexis  |  regulation  |  secure transactions