Ken Jochims Jun 30, 2021 13 min read

Using BionicIDs to stop Impersonation and Manipulation attacks

The fundamental building block of a BionicID™ is behavioral biometrics.

Revelock collects thousands of non-PII parameters starting with behavioral biometrics - how a user handles a device - and layers on behavioral analytics - when from where and what the user accesses as well as which device and network and all the associated data about that device and network that is used to access a protected website or mobile application server.

Impersonation Attacks start with stolen credentials, and Revelock Active Defense prevents malware or phishing attacks from stealing user credentials in the first place.

Revelock Active Defense also allows banks to determine the appropriate actions to take when malware attacks or phishing attacks are detected on user devices - and immediately, automatically, and silently protect those users as well as alert the bank’s fraud teams. In today’s post-breach world, stolen credentials are readily available for bad actors to use to impersonate legitimate users.

Stolen credential attacks require a different approach to stop since they are executed by credential stuffing bots and manually by humans. These kinds of attacks are detected, and account takeovers are prevented by Revelock BionicID™ analysis.


Manipulation Attacks utilize remote access software, either by fraudulently manipulating legitimate remote access software or having a victim execute a form of malware called a Remote Access Trojan. Either attack is designed to gain control of a victim’s device or, more typically, gain control of a user’s banking session.

This form of attack is easier to execute because it bypasses traditional account security, allowing a bad actor to temporarily control a victim’s account. Revelock’s Active Defense BionicID™ analysis can detect and defeat both attack types stopping attempted session takeovers - protecting users and notifying the bank.

Revelock analyzes thousands of users, network, and system parameters collected during every online interaction or operation to safeguard users from impersonation and manipulation attacks.


This data is processed in the cloud using hybrid AI models including Deep Learning to create a BionicID™ for all users, legitimate or bad actors at sign-up. From that point, the BionicID™ is continually updated and analyzed at every interaction, and a holistic risk score is calculated for each customer.

Depending on the risk, the system silently allows user access or stops bad actors. The bank has access to risk scores and can configure when to be alerted, and can also automate appropriate action to be taken.

For example, if an impersonation or manipulation attack is detected, Revelock provides banks with two flexible response paths.

  • The first is to protect users at the point of attack immediately.
  • The second is to simultaneously alert the bank’s fraud teams of the attack and execute a follow-up response – ranging from sending user notifications, stepping up authentication, terminating a session, or locking the account –stopping fraud before it happens.


What is BionicID™ analysis best suited for?

BionicIDs™ are most commonly used for anti-fraud or user verification applications but have primarily been used by financial institutions to stop online fraud.

For example, in online behavioral biometrics in banking applications, BionicID™ analysis can provide effective fraud protection against manipulation or impersonation-based attacks such as Account Takeover (ATO) fraud, as well as malware-based ones such as Remote Access Trojan (RAT). 

Besides online banking access, BionicID™ analysis can also be applied to other use cases such as detecting New Account Fraud, Card Not Present, or when 3D Secure verifications are required. 


Does BionicID™ data collection or analysis impact the user experience?

BionicID™ data collection is entirely transparent for end-users, and the data analysis is invisible without requiring users to take any extra steps. Furthermore, it works in the background and provides passive biometric verification to confirm the person behind the online session is always the genuine user.

When a BionicID™ anomaly is detected, it generates the need for additional authentication (multi-factor authentication). Similarly, during a 3D Secure stepped-up verification, users may be required to take additional steps to verify their identity.

Deep learning algorithms continuously evaluate the incoming flood of behavioral biometric data on the financial institution’s side. This evaluation will result in a seamless and secure user experience or, in the case of anomalous activity, trigger an automated response to stop an attack and follow-up alert to notify the bank of the attack and the actions taken to prevent it.


Does BionicID™ data collection/analysis comply with SCA/PSD2?

BionicID™ data collection and analysis comply with Strong Customer Authentication (SCA) requirements. They can be used as a component of multi-factor authentication as required by the EU’s Second Payments Services Directive (PSD2).

Strong Customer Authentication is required through PSD2 every time someone attempts to pay online or access their online banking services. The authentication must be carried out by the Payment Service Provider (PSP).

It must occur through at least two different factors that satisfy two of three categories: possession (device), knowledge (password or PIN), and inherence (something the user has - physical biometrics such as a fingerprint or behavioral biometric security).

When combined with deep learning technology, behavioral biometrics for human identification can authenticate a user invisibly and throughout their entire online banking session, meaning a factor of authentication (in this case inherence) under SCA is fulfilled with no user action required.

Additionally, the use of BionicIDs™ is also compliant with other international cybersecurity standards and regulations set forth by NIST 800-171, ISO 27001, HIPAA, FINRA, and FISMA.


Does BionicID™ data collection/analysis (behavioral biometric digital identity) comply with GDPR?

BionicID™ data collection and analysis complies with the European Union’s General Data Privacy Regulation (GDPR). GDPR requires organizations to demonstrate that the people they store personal data on have given their explicit consent to data processing and can ask for their data to be erased. Since banks handle extremely sensitive personal information, users demand the highest levels of data protection from them.

The most basic operating principle of behavioral biometric analysis is that personal information cannot be a trusted source of authentication.

For example, a user’s password, email, and mother’s maiden name all constitute data that can be easily stolen, leaked, and traded. In comparison, behavioral biometric data is invisible and irreplicable. 

Revelock undertakes non-intrusive checks during a customer’s online session without storing confidential or private user data while providing banks with the guarantee that users are who they say they are.

To learn more about behavioral biometric analysis read the Revelock blog What is behavioral biometric analysis?.

See for yourself how Revelock works. Get in touch or Request a Demo and we’ll get you connected with one of our experts!


Ken Jochims

Ken has over 25 years of enterprise software product marketing experience delivering fraud prevention, customer support, identity and access management and IT infrastructure solutions to financial institutions and fortune 1000 companies. Prior to Arxan Technology Ken worked for Neustar, ThreatMetrix, Guardian Analytics, Genesys, CA Technologies, NeXT Computer and Apple. Ken received a BS in Engineering Technology from California State University, Long Beach, and outside of work Ken can be found hiking, mountain biking and working on cars.