- 网安创企融资/投资人合作 加微junshao -

【180312 securityweek】New York and Tel Aviv-based behavioral biometric authentication firm BioCatch has raised $30 million in new growth financing led by Maverick Ventures, and including American Express Ventures, NexStar Partners, Kreos Capital, CreditEase, OurCrowd, JANVEST Capital and other existing investors.

"We have raised $17 million over several angel and seed rounds," CEO Howard Edelstein told SecurityWeek. "This is our first growth round, bringing the total raised to $47M."

BioCatch was founded in Tel Aviv in 2011 by Avi Turgeman, Benny Rosenbaum, and Uri Rivner. Turgeman is an alumnus of the IDF Unit 8200 intelligence service, having spent six years as head of innovation in the unit. In this role, he studied how criminals -- or for him at that time, terrorists -- moved around the internet. It was the skills learned at this time that inspired the founding of BioCatch.

The company provides behavioral biometric authentication for both in-house corporate use, and new user online account creation. In normal corporate use, the service provides continuous authentication by first generating a legitimate user profile (it takes just a few minutes) and then continuously authenticating the user's biometric behavioral patterns against that profile. Most current access control systems only authenticate the user at log-on -- meaning that anyone could continue the session once it has commenced.

While this approach works for normal in-house corporate use, it doesn't prevent New Account Fraud where remote fraudsters create new accounts with online services such as banking and retail, using stolen or forged identities -- in this case there is no existing user profile to authenticate against.

New Account Fraud is frequently attempted following major PII data breaches, such as the IRS and Anthem Health breaches in 2015, and the Equifax breach in 2017. Criminals collate and compile stolen details to either impersonate a genuine person or create a fictitious character in order to generate a new fraudulent account with a bank or retail organization.

With no legitimate user profile available, BioCatch monitors and compares the actual online account generation behavior with typical legitimate user and typical criminal user behavior. This is where Turgeman's criminal/terrorist Unit 8200 training comes in. -- it turns out that there are significant measurable differences between criminal and legitimate usage patterns.

For example, criminal users tend to show a greater familiarity and facility with the account application form, while genuine users are more comfortable with their own personal details (full name, DoB, address, etc). Similarly, criminal users tend to display more advanced keyboard skills than legitimate users -- for example, the use of ALT-Tab is common to criminals but used by only 13% of the general population.

BioCatch monitors the entire account generation process examining usage parameters in three main categories: application fluency, computer skill level, and data familiarity. By the time the form is complete, BioCatch is able to say with great accuracy whether the application is likely to be genuine or fraudulent.

This also works with banking malware and existing customers. "For example," Edelstein told SecurityWeek, "a CFO was logged in to his online corporate bank and was working on a series of payables. He was in his office using his standard machine (ie, right location and right device). When he went to confirm the total amount of the payments, which came to $1.6M, he got an alert that the session was blocked, and he had to call the Call Center."

While he had been attempting the transactions, a remote access attack was changing all the routing numbers and account numbers in the background. "The BioCatch system detected this based on various behavioral anomalies that were happening in the session," continued Edelstein, "and sent an alert in real time to the bank and stopped the transaction from going through."

"BioCatch's robust behavioral analytics platform is helping companies identify and stop fraudulent activity without sacrificing the user experience for legitimate customers," said Harshul Sanghi, Managing Partner of Amex Ventures, the strategic investment group within American Express. "The demand for organizations to strike that balance will only increase as digital engagement with their customers grows, and cyber threats become more sophisticated. We're excited to support BioCatch as it works to expand its capabilities and help organizations, including American Express, address this critical need."

BioCatch proactively collects and analyzes more than 2,000 parameters to generate user profiles and model different types of genuine and malicious behavior. The platform can address a wide range of threats at login and beyond by identifying malware, robotic activity, social engineering (phishing, etc.) and other cyber threats, which is a differentiator from traditional fraud approaches and other behavioral biometrics providers.  The company monitors more than 5 billion transactions per month and generates real-time alerts when behavioral anomalies are detected.

The technology is supported by more than 50 patents that are either granted or pending.

更多网安创投资讯                                   

【安全检测】开源软件安全 Snyk获融$700万

【企业并购】PhishMe被$4亿收购并更名Cofense

【企业并购】Splunk以$3.5亿收购Phantom

【Web安全】Netsparker获$4000万融资

【网安众测】 Bugcrowd 获得$2600万C轮融资

【数据安全】顶象宣布获过亿融资 嘉实投资领投

【产业并购】Google宣布计划收购IoT创企Xively

【产业并购】甲骨文收购云安全创企Zenedge

【网络安全】实时未知威胁防御 Vectra获融$3600万

【云安全】以插件代位WAF Templarbit获融$300万

【IoT】SAM获$350万种子轮融资

【反欺诈】Proofpoint$2.25亿并购反钓鱼创企Wombat

【数据安全】基础设施安全创企 Aperio获融$450万

【数据安全】帮助企业应对GDPR BigID获$1400万融资

【IoT】轨道交通网安 Cylus获$470万融资

【智能安防】车载安全摄像头Owl获$1800万融资

【数据安全】隐私保护 D-ID获$400万种子轮融资

【云安全】应用层安全 Tigera获$1000万融资

【端点安全】混合架构协调效率与安全 Hysolate获$800万融资

【数据安全】DLP创企Allure获$530万种子轮融资

【智能安防】巡逻机器人Knightscope获$2500万融资

【身份认证】芯盾时代获￥1.2亿B2轮融资

【区块链】硬件钱包 Ledger获$7500万B轮融资

【数据安全】Baffle获$600万A轮融资

【智能安防】印度智能门禁myGate获$250万首轮融资

【IoT】以色列创企VDOO获83North $1300万投资

【威胁情报】SaaS平台Anomali获$4000万D轮融资

【安全管理】外包SOC服务 Arctic Wolf获$1600万融资

【IoT】AI工控安全 Nozomi获$1500万B轮融资

【威胁检测】四叶草宣布获￥6700万A轮融资

【IoT】韩企Security Platform获软银$278万投资

【智能安防】小兔开门宣布获￥500万Pre-A轮融资

【漏洞扫描】安赛科技宣布获腾讯￥1亿投资

【安全管理】AlgoSec获$3600万融资

【威胁情报】亚马逊欲收购威胁防护平台Sprrl

【数据安全】泰雷兹以$57亿收购SIM卡厂商金雅拓

【网络安全】四维创智获华耀资本￥千万级融资

【区块链】虚拟币安全 BitGo获$4250万B轮融资

【IoT】云车联网安全 Upstream获$900万A轮融资

【云安全】软件定义安全 ShieldX获$2500万B轮融资

【IoT】防护80亿个IoT终端 Cog获$350万A轮融资

【云安全】反恶意威胁云平台 Menlo获$4000万C轮融资

【区块链】代理二次认证 NuCypher获$430万融资

【网络安全】蝎子网络获数千万元A+轮融资

【工控安全】SCADAfence获$1000万A轮融资

【反欺诈】反钓鱼 IRONSCALES获$650万A轮融资

【移动安全】实时APP防护 Prevoty获$1300万B轮融资

【二级市场】银基安全拟通过新三板融资￥1200万

【威胁情报】暗网情报创企Terbium获投$600万

【智能安防】家庭安防创企Minut获投$250万

【物联网】基础支撑平台Ayla获投$6000万

【物联网】Tortuga Logic获融$200万打造芯片级安全

【日志分析】AI驱动Logz.io获$2300万C轮融资

【威胁情报】ThreatQuotient获$3000万C轮融资

【智能安防】AI视频监控平台 博思廷获融￥3000万A+轮融资

【容器安全】NeuVector获$700万A轮融资

【邮件安全】Proofpoint以$1.10亿收购Cloudmark

【工控安全】Enview通过AI及3D技术监控老旧管线获$600万A轮融资

【威胁情报】EclecticIQ获€1400万B轮融资

【二级市场】360拟以￥504亿借壳江南嘉捷回归A股

【智能安防】Face++获$4.6亿C轮融资

【暗网监控】Recorded Future获$2500万E轮融资

【数据安全】Trilio获$500万A轮融资

【物联网】ForeScout通过IPO融资$1.16亿

【反钓鱼】KnowBe4获$3000万B轮融资

【风控】攻击可视化分析创企Skybox获$1.5亿融资

【NAC】网络访问控制创企ForeScout上市融资$1.16亿

【物联网】AI助力摄像头安全 Flare获融€340万

【身份认证】双重认证创企Duo获$7000万D轮融资

【网安测评】SecurityScorecard获诺基亚$2750万C轮融资

【风控】同盾科技获$7280万C轮融资

【终端安全】火绒获天融信￥1500万Pre-A轮融资

【身份认证】人工智能创企Onfido获$3000万融资

【身份认证】谷歌收购统一身份管理创企Bitium

【身份认证】区块链生物认证创企HYPR获$800万A轮融资

【威胁防护】实时防护创企Capsule8获$600万A轮融资

【容器安全】Aqua Security获$2500万B轮融资

【移动安全】指掌易获￥1.5亿A+轮融资

【暗网防护】Digital Shadows获$2600万C轮融资

【反病毒】在初始阶段阻止病毒，AppGuard获3000万美元B轮融资

【云安全】炼石网络获￥3000万Pre-A轮融资

【数据安全】观安信息获￥5000万A轮融资

【每周五为您同步全球网安投融大事】