Aviva Zacks of Safety Detective had the chance to ask Ziv Cohen, Paygilant’s CEO, how his company goes about stopping the bad guys from stealing our data.
Safety Detective: How did you get into cybersecurity and what do you love about it?
Ziv Cohen: I have spent my entire career in cybersecurity, starting 22 years ago. It wasn’t my original career direction, but I just got carried with it because it was so interesting and extremely challenging.
It’s always a cat and a mouse game. You need to understand how the cybercriminals work and then stay one step ahead of them in order to protect your customers.
I have enjoyed cybersecurity from the moment that I started.
SD: What are some industries that use Paygilant?
ZC: It is important that we help our customers reduce the risk which involves their transactions and especially the new mobile channels that are growing very rapidly. We work with banks, payment providers, digital wallets, e-commerce, merchants, and PSPs. The market is so diverse today and it’s just growing more and more with regards to all the FinTech payment channels that are coming up all over the world.
SD: What are the challenges companies face trying to improve their cybersecurity?
ZC: One challenge is to make sure that we keep the risk low without negatively affecting the user experience. We try to balance between the two and provide these two values to the customer so that there will be no trade-off and both will be achieved.
SD: Can you be more specific?
When the use cases where mapped, it came down to three main areas:
- If a customer downloads a bank’s or a merchant’s app on his mobile phone, then this provider sees the device for the first time and sees the user for the first time as well. Hence, it is impossible to compare it with anything that was prior to the app installation and registration. There’s simply no history related to the newly opened account. This is quite challenging because today the companies can’t differentiate between the good and the bad guys without relying on any history.
- There is a lot of transaction fraud, stolen debit and credit cards, that are traded in the underground and used by fraudsters to link to mobile apps and launch fraudulent transactions. So, they need to know whether this card is being used by the real customer prior to processing the transaction.
- Then there is account take over, which we’ve been dealing with for many years. When it comes to mobile, it’s much easier for fraudsters to execute such attacks because they can just replicate the device and make it look like it’s a new device every time they launch a new attack against the bank or the merchant.
SD: How does Paygilant solve these problems?
ZC: Paygilant has designed a system that identifies and analyzes various data points. We don’t just analyze transaction data and then try to understand whether a transaction that a user is currently making fits his normal behavior. We decided to look at the bigger picture and connect the device with the user and then do a very deep analysis, which is based on data intelligence and AI.
From the first second following the installation of the app on the mobile and the registration or login of the user, we are able to classify and very accurately assess the risk. We’re continuously and transparently analyzing additional indicators throughout the entire user journey so that we can accurately differentiate between a genuine person and a fraudster.
Behavior analysis is performed across various layers. For example, how does the user biometrically behave when using the application? We analyze activity using an activity map within the application from the second a customer logs in all the way to the checkout and the money transfer that the user performs.
This way, even if a fraudster manages to steal the identity and the credentials, they will still never know how this user behaves within the application. Our system will raise a flag and indicate that there is something very abnormal with regard to this activity.
SD: How does that work?
ZC: The behavioral biometrics intelligence set includes the screens that this person visits, how much time does he spend on each screen? How does he hold his device? Does he usually hold it with his left hand or right hand, or both hands? What’s the angle and what’s the pressure that he puts on the screen? How fast does he scroll, and what is the size of his fingers?
All characteristics that are uniquely tailored for each person individually are profiled to prevent fraud and authenticate with no friction.
We analyze the user journey not only when the transaction occurs but from the moment that the application is installed and opened on the mobile device, when the user registers, when the user adds a credit card, debit card, or bank account, and, of course, the transaction itself.
We have an extremely high accuracy rate since we factor in so many characteristics and data points from the first moment that we start assessing the risk. By the time this user makes a transaction or pays, we already have a very good understanding of whether that’s a legitimate transaction or fraudulent one. It enables us to reduce the friction points significantly and truly enable this frictionless experience by eliminating the need for passwords, fingerprints, or receiving an SMS with a one-time password (OTP), which is currently part of the payment process.
SD: How do you see the cyber threat landscape changing in the next five years?
ZC: First of all, there’s no question regarding the fact that the providers and users are shifting to mobile, which is a transition we have seen happening throughout the last few years. It’s going to be more and more challenging to identify a person and prevent fraud on the mobile channel with an increase in the number of attacks and the types of attacks related to the mobile device.
For example, attacks such as reverse shell and phone cloning, which involve hackers not only stealing customer’s credentials and their identities, but actually cloning their entire phone environment and running it on their emulators or other mobile phones which are similar to those of the victims. This is taking us to the next level of attacks, which requires linking the entire process from the first moment that there is such an attempt.