It’s not often that I write about a startup being granted a patent. However, the latest successful filing from Israeli startup BioCatch caught my attention. Essentially it offers a way for app developers to authenticate users based on how they interact with their phone’s touch screen and accelerometer.
Backed most recently by $10 million in Series A funding led by OurCrowd, and Blumberg Capital, the company has developed what it calls “behavioural biometric authentication and threat detection” technology — tech that helps banks and e-commerce companies stop online fraud before it happens.
It works by building a unique footprint for every user based on capturing and analysing a range of “bio-behavioral, cognitive and physiological parameters,” including things like how you locate and move your mouse when presented with a hidden challenge. And now the same principle has been extended to mobile.
The patent in question is entitled “System, device, and method of detecting identity of a user of a mobile electronic device“. It covers the use of physiological factors, such as palm size, press-size, hand tremor and eye-hand coordination, combined with behavioral traits, such as usage preferences and device interaction patterns, to help ensure you are who you say you are.
“Using this cognitive signature we can recognize if the user who is operating in an online or mobile account is indeed the real user or someone else,” Avi Turgeman, founder and CTO of BioCatch, tells TechCrunch.
“Specifically the technology looks at the intersection of the touch and accelerometer. For example what happens when you swipe the device, scroll up and down? By observing the effect that your interaction has on the device, we can efficiently build a strong cognitive biometric profile.”
Turgeman says the purpose is “not to identify a person out of million others, but rather to make sure that the activity we are seeing now is aligned with the activity of the genuine user.”
For example, the patent describes how touch and accelerometer data can be used to extract actual physiological information about the user, such as the size of their palm.
With that said, we are still a long way off from a password-less future. However, like BioCatch’s existing behavioural biometrics-based technology, the idea is to offer a “last line of defence”; it doesn’t replace other types of authentication and fraud detection but attempts to stop cybercrime before it happens.
“The multi-factor authentication market is built upon: something you know (passwords), something you have (device, token), and something you are,” Turgeman explains. “Our tech operates in the ‘something you are’ area.”