How You Hold Your Mouse Might Prevent Online Fraud

As fast as new security tools are implemented to combat online credit card fraud, criminals devise new ways to beat the system or find new weak spots in how online credit card processing works.  Chosen Payments constantly monitors solutions that keep our merchants safe from experiencing a fraud loss.

Many of our clients such as home housewares, limo operators, uniform retailers and trade associations conduct the majority of their business through online transactions so improvements in fraud disruption are an important consideration.

If we go back in time to the early 90’s, we were pretty easily duped by phishing emails and Nigerian scam artists.  We gave up our personal data pretty easily because eCommerce was new and we had no idea how it worked.  This was like turning on a faucet of money for many fraudsters.

By 2007 banks had enough of taking on multiplying losses.  The precursor to the chip technology credit card was “two-factor authorization”.  The process worked but at the same time angered many credit card users by requiring a PIN and an on-screen challenge to receive a one-time use code that had to be entered in the webpage to complete a transaction.  While it did decrease losses, it wasn’t without mass complaints and ultimately, fraudsters figured out how to defeat it by using malware that simply tracked the keystrokes of the user.  Through malware and Trojan viruses, crooks could cause a page to pop-up that looked like an authentic bank page that requested all kinds of personal information to complete a “transaction” and voila, the fraudster was armed with everything they needed for a day of online shopping.

A new technology is currently being rolled out by a company called BioCatch.  BioCatch uses behavioral biometrics to catch fraudsters.  You are probably saying, “behavioral what”?  Behavioral biometrics analyzes more than 500 parameters such as your mouse and keyboard use when placing online orders.  Are you a “delete” kind of person or a “backspace” kind of person.  There are those who tab the cursor to the last letter of a misspelled word and use the delete key while others highlight the misspelled word and hit the delete key.  These little habits can be analyzed and when someone attempts to use your information to make a fraudulent transaction, it initiates a fraud warning for further action.

When you move around a form, are you a “tab” person or a “click the field” kind of person.  This is just another example of personal traits we all use when conducting online commerce.  There are many more traits such as using a scroll bar or using your mouse wheel to scroll down.  There are many patterns we all use that create a unique “electronic fingerprint” that can let our banks know that someone else is making this purchase.

By using these behavioral patterns, banks can contact the cardholder to verify they are online and attempting to make a purchase and conduct further validation steps to avoid fraud being committed against the cardholder, the merchant and the bank. 

Using behavioral biometrics, banks are able to see a customer’s behavior is uncharacteristic from all previous transactions.  This even includes “mouse doodling” with the cursor between transactions.