BioCatch
BioCatch provides behavioral biometrics and device/session intelligence software that helps enterprises—primarily financial institutions—detect account takeover, scams/social engineering, and fraudulent digital transactions by modeling how legitimate users interact with web and mobile applications.
Visit WebsiteCompany Overview
BioCatch is an Israeli-founded cyber/fraud prevention company best known for behavioral biometrics: it passively captures interaction signals (e.g., typing cadence, touch/mouse dynamics, navigation patterns, device posture) to build a behavioral baseline and score risk in real time. Its value proposition is reducing fraud and scam losses while minimizing user friction, complementing credential-based authentication and traditional fraud rules with continuous, behavior-based risk signals.
Commercially, BioCatch is positioned in the digital fraud and scam detection segment serving banks, payment providers, and fintechs. Competitive pressure comes from broader fraud decisioning platforms (e.g., Feedzai, Featurespace, NICE Actimize) and identity/risk vendors that bundle device fingerprinting, bot defense, and risk-based authentication. Differentiation typically hinges on quality/coverage of behavioral telemetry, the ability to detect “human-in-the-loop” scams (coaching/remote access/social engineering), integrations into existing fraud stacks, and measurable reductions in authorized push payment (APP) scam losses and ATO.
Dual-use relevance is credible but deployment-specific: behavioral analytics can augment Zero Trust and privileged access by continuously assessing session legitimacy, flagging coerced users, scripted operator behavior, or anomalous interaction patterns on sensitive systems. Potential defense applications include continuous authentication for remote/VDI access, detection of compromised credentials and insider-assisted fraud, and risk scoring for high-value workflows. Constraints include privacy/biometric governance, suitability for air-gapped or restricted environments, and the need for tight integration with IAM, SOC tooling, and endpoint/VDI telemetry—areas that should be validated through evidence of pilots, certifications, or public-sector references.
Dual-Use Assessment
Behavioral biometrics and continuous authentication have dual-use applications for securing access to classified systems, detecting insider threats, and protecting defense networks from account compromise.
Key Technologies
- Behavioral biometrics (keystroke/touch/mouse dynamics, navigation patterns)
- Continuous authentication and session risk scoring
- Fraud/scam analytics (ATO, mule activity, social engineering/coaching detection)
- Real-time telemetry collection via web/mobile SDKs and API integrations
- Machine learning anomaly detection and behavioral profiling
- Device and session intelligence (contextual risk signals; integration with IAM/fraud stacks)
Use Cases & Applications
- Banking and fintech digital fraud detection (account takeover, new account fraud, mule onboarding)
- Authorized push payment (APP) scam and social engineering detection (coaching/remote assistance patterns)
- Risk-based authentication augmentation for consumer and workforce login flows
- Privileged access continuous authentication for sensitive enterprise/critical infrastructure systems
- Detection of anomalous operator behavior in VDI/remote access sessions (potential insider/coerced user indicator)
- Case prioritization and alert enrichment for fraud/SOC analyst workflows
Strategic Value to U.S.-Israel Alliance
Continuous authentication and insider threat detection capabilities support secure access to classified systems for allied defense organizations.
Interested in this startup?
Learn more about our investment approach or get in touch to discuss opportunities in dual-use technology.