Press Release: Outseer Launches Platformized Behavioral Biometrics Delivering Unmatched Defense in Depth
behavioral biometrics with OTP and email

Authentication with Social Engineering Fraud Detection

Outseer Behavioral Biometrics for 3-D Secure delivers Enhanced Authentication coupled with improved fraud detection for difficult-to-spot techniques.
 
The best-in-class Behavioral Biometric capability analyzes user activity during the browser challenge process. A Behavioral Biometric authentication profile is created and is then used on future visits to compare against cardholder interaction patterns. This helps you comply with PSD2 Strong Customer Authentication (SCA) regulations as an Inherence factor.
 
At the same time, nefarious characteristics that could indicate social engineering of the OTP are monitored. With Enhanced Authentication these new signals detect suspicious activity during the challenge that might otherwise be missed. The result is a more robust SMS challenge that rivals the veracity of Mobile App authentication and as such can be used as a fallback for use cases outside of a Mobile App.
 
Outseer has developed and incorporated this Behavioral Biometric capability within its 3-D Secure ACS platform to ensure a seamless enablement without the additional integration, vendor compliance, and contractual complexity necessitated by third-party point solutions.
password icon
Gain Frictionless Enhanced Authentication
Provides a second layer of decision making when combined with OPT, giving insight into how data is entered via keystrokes and mouse activity.
fraudster icon
Detect More Fraud and Maintain Digital Trust
Identify difficult-to-spot nefarious behavior patterns during the challenge process by detecting where OTP codes have been socially engineered.
legal icon
Meet Regulatory Requirements
Gain the capabilities you need to meet the Regulatory Requirements for PSD2 SCA and other global regulations, all through a single vendor.

Defense in Depth for better results

Single Platform. Single Partner.
Native incorporation of Behavioral Biometrics signals into 3-D Secure authentication and fraud prevention platform—deploy and configure with no technical integration required.
Integration with Outseer 3-D Secure OTP Challenge Flow
The Behavioral Biometrics score is used as an Inherence factor in the SCA challenge flow. After the known text input challenge (e.g. email address) is typed on the OTP challenge page, the score threshold is used to determine authentication pass/fail.
Behavioral Biometrics Data Collection
Collects signals from web and mobile browsers through a JavaScript that gathers keystrokes and mouse data from page interactions.
Behavioral Profiling
A user behavioral profile is built and maintained with data including tracking patterns such as typing speed, mouse movements, device usage, and browsing habits. The profile is updated and refined on each user visit.
Real-Time Anomaly Detection
Advanced machine learning algorithms detect deviations from established behavioral norms in real-time, detecting potentially fraudulent activities. The solution looks for nefarious activity at a population level and not just user profile level, allowing assessment on new users.
Behavioral Biometrics Score and Score Reasons
A normalized score is produced for each user based on the data collected during the challenge flow. Any risky behaviors are made available as score contributors.
Ensure Privacy Compliance
Ensure that behavioral data is anonymized and securely stored, in compliance with regulatory requirements.
Analytics Reporting
Behavioral Biometrics data is embedded in analytics and reports to show the challenge success rate.

How it works

Outseer 3-D Secure with Behavioral Biometrics

When a cardholder makes a purchase with a merchant in a location where 3-D Secure is utilized, the cardholder goes through the 3-D Secure flow. At that point, they are either allowed or challenged. When the challenge screen appears, it is sent to the user as a multi-factor authentication.

On the backend, the 3-D Secure platform surfaces the challenge screen and loads the collection JavaScript. The collected data is passed to the Behavioral Biometrics service to calculate the Behavioral Biometrics score.

Outseer performs Behavioral Biometrics on a repeatable text such as an email address or key phrase, which will result in fewer false positives. The pattern of that will be stored in their profile to compare on subsequent visits. If there is a discrepancy in how it is typed, the Behavioral Biometrics score will increase. In addition, patterns of nefarious behaviors are assessed around all interactions in the challenge screen and if seen then are flagged as fraudulent behavior as part of the Enhanced Authentication capability.

Examples of nefarious behavior include cognitive changes in how the data is entered or deleted, the timings of the session, automated or bot like activity, emulated devices and real time social engineering. These are looked at from both a population behavior level as well as individual user profile level.

Configuration Manager
Issuers & processors will be able to configure the Behavioral Biometrics score threshold to determine authentication pass/fail, as well as configure expected behavior when the Behavioral Biometrics service is not available.
Case Manager
Search for a transaction to view detailed results, including the Second Factor Score, Reason, and Decision—key insights from Behavioral Biometrics to support case investigations.
Analytics
Analytics and reporting on Behavioral Biometrics will show the challenge success rate when Behavioral Biometrics is used to authenticate CNP transactions. This insight enables Fraud Analysts to refine and enhance fraud prevention strategies, policies and rules related to Behavioral Biometrics.