The issue of security is acute for every company working with data. Modern tools allow attackers to successfully imitate the activities of an ordinary user. And security mechanisms do not always recognize and stop unauthorized access attempts. The result is information leaks, theft of funds from bank accounts, and other troubles.
A Spanish company has proposed its solution to this problem.
Founded in 2010 in Madrid, Buguroo aims to identify scammers who try to imitate the behavior of legitimate account holders. Using deep learning algorithms based on neural networks, the company obtains information about what a typical session of using a bank account looks like. Using fraud detection and prevention technology that combines behavioral biometrics, malware detection and device assessment, the platform better identifies potential threats from cybercriminals and bots.
Fraudsters can use a variety of methods to bypass authentication processes, such as remote access malware (Trojans), form hijackers, web injections, etc. Buguroo representatives claim that their solution is capable of detecting previously unknown malicious scripts that the end user uses in a mobile application or browser. This means that the platform can adapt to new methods that have not yet been added to blacklists.
Principle of operation
Buguroo detects when fraud attempts are being made by analyzing historical patterns and classifying each subsequent login session based on that data. The platform collects many behavioral patterns. In particular, finger size and screen pressure (on touchscreen devices), typing speed and fluency, mouse movements, and gyroscope position are taken into account. This data is subsequently used to analyze behavior when an intruder attempts to log into the system.
How does this work in practice? Let's say a bank customer typically uses the vertical scroll bar on the side of their browser for navigation and enters their account information using the side of the keyboard. But then the system notices that in one session the client is using the scroll wheel on their mouse and the horizontal number bar at the top of the keyboard. This may be a sign that someone else is trying to access your account.
Using cross-analysis of information from different channels, the system is able to detect anomalies arising from fraudulent activity, which makes it possible to recognize such attacks in advance.
BugFraud workspace
The Buguroo service also deals with new account fraud (NAF), that is, when a new bank account or credit card is opened using stolen credentials. It also offers assistance in identifying fraudsters already working in the banking system. To achieve this, the company offers the Fraudster Hunter solution, which is part of its main BugFraud platform. The solution is initially aimed at identifying violators who have already penetrated the bank. It's important to note that BugFraud is available in different deployment options. Clients can choose virtual
By constantly monitoring the activity of users, devices, networks and sessions, Buguroo collects information about the methods of fraudsters, creating a unique βcyber profileβ for each user, a digital DNA built using thousands of parameters related to the customerβs behavioral biometrics (including smartphone and mouse movements, keystrokes , device profiling, geolocation and malware records), which recognizes with 99,2% accuracy. The effectiveness of the solution is confirmed by experts. In 2018 and 2019, the company was recognized as the winner in the category βFraud Prevention Product of the Yearβ from an independent organization
Winner's Reward
The situation in the market
Already, Buguroo protects more than 50 million customers in Europe and Latin America in providing financial services from login to logout. With another $11 million in the bank, it plans to expand its global presence into new regions, including the US, UK, France and Germany.
However, Buguroo is not the only company working in the field of tracking behavioral biometrics in banks. Israeli
However, Buguroo assures that his solution is different from others. For example, bugFraud's advanced behavioral biometrics algorithms detect abnormal customer behavior in the fastest and most accurate way compared to other solutions offered by competitors. Additionally, the company's solution creates a unique profile for each user and compares it to the same user's previous sessions, while other services compare the profile to a broader cluster of "good" and "bad" behaviors. This is an important distinction because, in theory, scammers can learn what βgoodβ behavior looks like in terms of registering or logging into banking sites. But it is almost impossible for an attacker to know the specific behavioral traits of the individual users they are trying to imitate.
Referring to data
What else can you read on the blog?
β
β
β
β
β
Subscribe to our
Source: habr.com