First, we couldn’t trust credentials anymore.
Then, we couldn’t trust devices anymore.
Now, we can’t trust behavior anymore.“

Scams (or Authorized Push Payments) are the catalyst of a second evolution in fraud prevention. When a scam happens, traditional Account, Identity and Device checks are often insufficient detection mechanisms. After all, scams almost exclusively leverage social engineering. Victims are convinced to transfer funds to a fake family member or a fake “safe account”.

Figure 1: Evolution of fraud prevention

Behavioral Analytics & Scams

Behavioral Analytics provides the ability to translate behavioral customer journey events in risk scores. BA takes events from the customer journey, and data like timings, keystrokes, swipes, journey triggers, taps or clicks, and models them. A Multi-Model approach is

Figure 2: Multiple AI models

The Identity model is individual. It checks for deviations from a user’s regular modelled behavior:

• Manipulation
• Coaching / Dictation
• Pressure / Duress
• Uncertain behavior

The Baseline Fraud Model is federated, and checks for matches against known scam Modus Operandi, including (but not limited to):

• Impersonation Scams
• Romance Scams
• Investment Scams
• Family Scams
• Sales Scams

Applying Behavioral Biometrics to the Customer Journey

Scam- related behavioral events happen throughout the customer journey, from App / Web start to transaction signing.  That’s why we often say:

Scams don’t start with a transaction; they end with one.

Figure 3: Behavioral indicators in the Customer Journey

Detection Rates

Scam Detection benefits tremendously from adding Behavioral Analytics. Our most recent measurements for the most common scams  show the following increases:

Figure 4: Detection Rate increases

Verdict: Behavioral Analytics and Scams get along tremendously well

Behavioral Analytics is made for detecting scams. The nature of Social Engineering does not translate into technical TTPs and scores easily. Modelling behavioral allows Fraud Prevention teams to tie risk scores to behavior.

Behavioral Analytics provides a tremendous boost of detection rates of scams. As we will see later in this series, this power is even greater when synergizing with Device Risk and Threat Intelligence.

Behavioral Analytics and ThreatFabric

At ThreatFabric, we’ve solved some key issues with legacy Behavioral technology:

• Our technology is built on threat intelligence: this ensures our technology is ready for new, or unknown, Fraud Modus Operandi. Also, our Threat Intelligence landscapes allow Fraud teams to not only react but also pre-empt campaigns.
• ThreatFabric combines Multiple Behavioral Analytics models with Device Risk, built on Threat Intelligence, throughout the Customer Journey. This combination of technologies and multiple models in one SDK allows for unprecedented, pre-emptive detection accuracies.
• We use Edge AI scoring on the endpoint, combined with an ultra-light SDK footprint. This greatly reduces computing & license cost and eliminates the need for per-use pricing.

Figure 5: Behavioral and Device Technology in the Customer Journey