Rhine Waal University of Applied Sciences

Faculty of Society and Economics

Term Paper SS15

Module Innovation Management

Dr. Oliver Serfling

Cyber Security Innovation

Case study of Biocatch

By

Olakunle Solebo 16308

Submission Date: 28.06.2015

 0

Table of Contents
1 Origins and Rationale ....................................................................................................................... 1
1.1 Process of Operation ................................................................................................................ 1
1.2 Remote Access threat (RAT) Detection Features ....................................................................... 2
2 Innovation strategy .......................................................................................................................... 2
2.1 Biocatch Position...................................................................................................................... 2
2.2 Biocatch Network innovation ................................................................................................... 2
2.3 Main Features of that distinguishes Biocatch............................................................................ 3
2.4 Transformational benefits of Biocatch ...................................................................................... 3
3 Innovation Theory ........................................................................................................................... 4
3.1 Market Pull vs Technology Push ............................................................................................... 4
3.2 Coupling Model ........................................................................................................................ 4
3.3 The role of big data .................................................................................................................. 4
3.4 Characteristics of big data ........................................................................................................ 5
3.5 Impact of digitization ............................................................................................................... 5
3.6 Punctuated Equilibrium ............................................................................................................ 6
3.6.1 History of information Communication technology (ICT) from 1950s ............................... 6
4 Conclusion ....................................................................................................................................... 7

References ...... i

Table 1: Development in the ICT industry since 1950s . iii

Figure 1: Cyber Security Innovation Break through .... 6

 1

Introduction

1 Origins and Rationale

Biocatch is an Israeli Security Technology Company founded by Avi Turgeman in January 2010
by Benny Rosenbaum the CEO, an expert and researcher in neural science, machine learning as
well as cyber security. The product is currently deployed in leading banks across North America,
Latin America and Europe. Head office is in Boston, USA. Partners are JANVEST Capital
partner LLC, Blumberg Capital and Our Crowd, with investment of $11.6 million. David
Shamah ( 2014) and CruchBase.com

BioCatch is a behavioral biometric technology and threat detection company that uses over 400
different invisible authentication parameters to help banks and ecommerce enterprises to
authenticate genuine user and prevent fraud by raising alerts to indicate abnormal usage. It
recognizes the peculiar characteristics of the original user while accessing his account and
therefore identifies when a possible fraudulent user has access to your information. This protects
the organization from risk of account takeover, malware, remote access attacks (RAT) and post
log-in attacks as well as suspicious behavior. The main focus is on providing security that
increases functionality and customer loyalty. Julie Schicktanz (2014), Frost and Sulliva (2014)

1.1 Process of Operation

BioCatch build an invisibly profile of each web and mobile app user, that way they capture their
typical behavioral characteristics during online interaction. Once complete, an uncharacteristic
usage patterns can be identified as fraud.
Biocatch is created to receive real-time alerts when intruders and threats are detected e.g. RATs
and malwares, new account setup, account takeover crimes, device or network spoofing, and a
non-genuine profile behavior. Biocatch company overview (2015)

The following analyses are done automatically;

Navigational analysis: how the user moves and click while accessing his account, his
cognitive choice analysis and patent pending invisible cognitive challenges
Cognitive Profile: User preferences, Application Flow and Speed during access
Physical Profile: User Motion, Handedness, Eye-Hand Coordination
 2

Device and Network: his IP address, Hardware features and Software

Mobile device Usage:how you hold and use your device, How fast the user types,
viewing angle

1.2 Remote Access threat (RAT) Detection Features

It spots the act of malware by identifying non-human moves

Detects emerging threats such as RAT (Remote Access attacks) by identifying behavioral
inconsistencies associated with latency
Detect typical criminal behavior and profiles confirmed account takeover crimes
Identify threats at first attempt by sharing specific criminal cognitive signature across all
customers

2 Innovation strategy

Michael e. Porter (2011) distinguished between operational effectiveness and strategy. Though
the various management tools such as productivity, speed, quality etc. are necessary conditions
to improve operations of a business, these sometime still dont translate to gains if management
does not take a clear strategic position in the market.

2.1 Biocatch Position

Although Biocatch can be seen as Late Comer in the Cyber security industry and not a First
Mover in Biometric Authentication, They have however established a Niche market in
Cognitive Biometric Authentication and malware detection technology for mobile and wed
applications. Biocatch has positioned them self as the Market Leader in this new market since
there is simply no product that meet consumer demand in that same way.

2.2 Biocatch Network innovation

Cognitive biometry authentication is surely reliance on the verse inter-organizational networks

and interdependent with technical sub-fields such as existing internet, mobile sensor, password,
 3

IP as well as gyro, accelerometer, touch and a host of network some of which are reflected in
table 1. (attached)
Soh and Roberts (2003) noted that rise of dominant designs and associated networks of
innovators, ushers in the eras of incremental change. Interface compatibility and the strategic
alliances which are distinctive feature in communications technologies and its complexity which
has given birth to the innovation into alternative systems or upgrades to provide total customer
solution.

2.3 Main Features that distinguishes Biocatch

Biometric-Grade Security: The use of secret questions that verifies the users identity
against cybercriminals using malware and social engineering
Improved Usability: Frictionless and one time password request to avoid distortion of
user experience
Mobile-ready: Can works with any mobile device
Continuous Risk Management: Constant level of monitoring and risk management
throughout the session
Lower cost of Operation: Marginal cost of additional user is zero as nothing as no
hardware is required
Regulatory Compliance: BioCatch offers an effective way to meet the regulation without
adding friction or high operational costs.

2.4 Transformational benefits of Biocatch

Marco Iansiti and Karim R. Lakhani (November 2014) noted that digital signals can be perfectly
transmitted without error, unlike analog; the application should therefore not alter the platform of
the signal. This is a veritable characteristic of the behavioral biometrics technology adopted by
Biocatch.
The use of digital signal makes it possible for indefinite usage without any degradation. Once
investment has been made in the product, the service can be enjoyed with maximum security at
zero marginal cost.
It then protect privileged user access (e.g. system administrators, dbas)
 4

It protect corporate mobile applications against unauthorized usage and add a biometric
factor to remote access control
improve user experience and lower it costs in web, mobile and cloud Frictionless usage

3 Innovation Theory
3.1 Market Pull vs Technology Push

Cornelius and Christopher (2000) noted that the success of an innovation project strongly
depends on the degree to which its management is aligned with the specific context. A relevant
context factor of innovation projects is if the innovation is initiated primarily through a
technology push or a market pull situation.
The push argument is that innovation is driven by science, which in turn drives technology and
its application. While the pull argument suggests that user demand is the primary factor and that
markets users and applications are the key drivers of innovation. Implicit in a pure version of
either side of the debate is a linear model of the innovation process with science at one end and
markets or users at the other. Shyam and Henry (March 1993)

3.2 Coupling Model

Although Biocatch innovation in behavioral biometric security technology is grossly driven by

the market desire and the need for a secured transactions online as the structure of business
models are now highly reliance on E-commerce and online financial transactions. One can say
that the persistent curiosity of scientists, constantly pushes inventors to persist in looking for a
more convenient, safe and secured ways of preventing cyber criminals from the internet world.
These combined characteristics of technology push and market push suggest that this innovation
can be better explained by a coupling model.

3.3 The role of big data

Biocatch uses the power of insights provided by big data to instantaneously establish who did
what, when and where? Biocatch solution data can be incorporated into Big Data stores to
further correlate behavioral biometric data with other transactional and personal information.
 5

David Kuketz (October 2012). Timely insight from the vast amounts of available data such as
those already stored in the remote sensors and the companys database, also from third party
sources like the Internet and social media. Ability to find, extract, analyze and visualize data with
the tools of choice.

3.4 Characteristics of big data

Existing Internet, ecommerce, social media and remote sensors facilitated the success of
Biocatch
The product is able to manage vast amounts of data with validation and verification.
Speed, security mobility and stability of site usage in real-time monitoring and
forecasting of events
Ability to find, acquire, extract, manipulate, analyze, connect and visualize data
To Mitigate risk and improve decision
Biocatch technology works in combination with common business features such as Password,
biometrics and Tokenization to achieve its maximum efficiency.

3.5 Impact of digitization

Today the number of personal computer (PC) users worldwide has increased from 100 million
people in 1990 to 1.4 billion in 2010. Statistics in 1990 shows that there were about 10 million
mobile phones users the world over in 1990 this figure has also increased tremendously today to
over 5 billion users. While the number of Internet users also grew from 3 million to 2 billion
over the same decades. These figures continued to increase geometrically today. Karim, S.et al.
(2012)

Ubiquity: Customers of Banks and other financial institutions worldwide will have the
opportunity to be protected against RATs and malwares
Affordability: Biocatch service has zero cost to customers of Bank. It increases customers
confidence to user the online banking platform for banks services. Therefore reducing the
marginal cost of servicing customers
Reliability: The quality of Biocatch supercedes that of conventional password and Token which
can be compromised. Biocatch is invisible
 6

Speed: The service is online real time anywhere.

Usability: The service does not require anything from the user. It only observes the users
character during usage and identify deviation when a fraud is about to be carried out
Skill: No particular skill is required to use the technology.

3.6 Punctuated Equilibrium

Abernathy and Utterback (1978) identified Punctuated equilibrium as a situation where the long
period of incremental improvement in an industry is interrupted by a short period of radical and
game changing innovation. A punctuated equilibrium may occur when users of a technology
decide to go with the technology with the better performance. Of Couse this can happen if there
is a positive externalities and elimination of uncertainty in the evaluation of a new technology.

Created by: Solebo O.T

Figure 1 above shows a significant breakthrough in the innovation of Cyber security since the
first introduction of firewall in the 80s, as shown in table 1. Further research has continued to
create better ways of preventing computer and internet threat. Biocatch has been very successful
in this area.

3.6.1 History of information Communication technology (ICT) from 1950s

Early discovery in information communication technology (ICT) was dominated by invention in

different forms of computer memory such as magnetic tapes and vacuum tubes. Analyses in
 7

Table 1(attached) show some outstanding innovations in the communication industry since the
50s. The advent of mainframe computer in the 50s has been an outstanding discovery and
breakthrough in the ICT industry which paved the way for the later part of the century. Computer
and internet communication also came with if limitations which created avenues for other
investment opportunities especially in the Cyber security area.

4 Conclusion

The choice of Biocatch by companies like Microsoft and Barclays bank is no only influenced by
their position as a market leader in the Cognitive Biometric Authentication technology, their
choice is greatly influence by the Positive externalities that is accrued to the product and its
increasing returns. Positive externality of this product is the benefit that results from other users
whose system does not have the Biocatch device. In other words, wider acceptance of the
technology increases its Marginal usefulness of Biocatch as a Cyber security protection. This is
because it reduces the total number of Cyber-crime as criminals observe that it is becoming more
difficult to default user. These Positive externalities can also be referred to as "bandwagon"
adoptions (Abrahamson and Rosenkopf (1997)
 i

References

ARPA (DARPA)(2004) Velocity Guide <http://www.velocityguide.com/internet-history/ arpa-

darpa.html> (accessed 20 June 2015)

David Kuketz (October 2012) The 7 Biggest Business Benefits from Big Data. info@utopia.com
link http://www.utopiainc.com/insights/blog/381-7-biggest-business-benefits-from-big-data
(accessed April 18)

David Kuketz (October 2012) The 7 Biggest Business Benefits from Big Data. info@utopia.com
link<http://www.utopiainc.com/insights/blog/381-7-biggest-business-benefits-from-big-data>
(accessed April 18)

David Shamah (June 2014) Mouse movement cyber-security firm BioCatch raises $10m
Isreali Times CruchBase https://www.crunchbase.com/organization/biocatch accessed (July 28
2015)

Frost and Sulliva (2014) http://biocatch-files.azurewebsites.net/F&SAwardFINAL.pdf

Isreali-Technology-Company(2012-2015)
<http://sheldonfred.tumblr.com/post/89736693542/cyber-security-firm-biocatch-raises-10-from>

Internet world statistics (2014) usage and population statistics

http://www.internetworldstats.com/stats.htm

Julie Schicktanz (October 2014) Finovate Debuts: BioCatch http://finovate.com/finovate-debuts-

biocatch/ (accessed April 16, 2015)

Karim, S.et al.(2012) Maximizing the Impact of Digitization

http://www.strategyand.pwc.com/media/uploads/Strategyand_Maximizing-the-Impact-of-
Digitization.pdf?frombooz=1 (accessed April 17, 2015)
 ii

Loch c. h. and Huberman b. a. (march 1997) a Punctuated-equilibrium model of technology

diffusion. A working paper in the INSEAD Working Paper Series is
<http://www.insead.edu/facultyresearch/research/doc.cfm?did=46571>

Marco Iansiti and Karim R. Lakhani(November 2014) Digital Ubiguity: How Connections,
Sensor , and data area Revolutionising Business

Michael e. Porter (2011) What is Strategy. https://hbr.org/1996/11/what-is-strategy

(viewed 28 July 2015)

Raphael Cohen-Almagor (June 2011) Internet History International Journal of Techno ethics,
University of Hull UK, 2 (2), 45-64, April-June 2011 45
<http://www.hull.ac.uk/rca/docs/articles/internet-history.pdf> (accessed 28 June 2015)>

Raphael Cohen-Almagor. (April-June2011), Internet History. University of Hull UK,

International Journal of Techno ethics, pgs 46-57
http://www.hull.ac.uk/rca/docs/articles/internet-history.pdf (accessed june 17, 2015)

Regan Brown (October 2014) Computer security threats: A brief history

<https://powermore.dell.com/technology/computer-security-threats-brief-history/>

Sherman .F (2014) Advantage and Disadvantages of Cognitive biometric

<http://www.ehow.com/info_8554388_advantages-disadvantages-cognitive-biometrics.html>
(Accessed April 18 2015)

Soh, P.-H. & Roberts, E. B. (2003), 'Networks of innovators: a longitudinal perspective',

Research Policy 32(9), p. 1574, DOI: 10.1016/S0048-7333(03)00065-9

Zetta.net (2015) History of computer storage .innovation from 1928to today

http://www.zetta.net/history-of-computer-storage/
 iii

Table 1 Development in the ICT industry since 1950s

Year Computer Internet Internet security
1950s Mainframe computer, Magnetic core memory, A.K.A Satellite space lunch 1945- Computer
Ferrite-core memory, SPTNIK Bugging
IBM, Common-Business Oriented Language (COBOL)
1960s Dynamic Random Access Memory (DRAM), ALGOL, Network control protocol Telephone freakers
FORTRAN, Space war, minicomputer, super computer (NCP), ARPANET, {free phone call}
1970s Bubble Memory Satellite network File sharing , free phone call using
Floppy Dick, Random Access Memory RAM SATNET. TELNET, ARNET- toy to unlock AT&T
Internet lines
1980s Compact Disc Dot Com Bubble. (Internet virus)
Compact disc Read-Only-Memory (CD ROM) E-commerce interconnections Introduction of
Digital Data Storage (DDS), Microsoft windows NSFnet, BITNET, ARPANET, FIREWALL
WWW
1990s Magnetic Optical Disc Minidisc MOD (PDF) storage of Internet Societies Evolution of internet
digital data popular encryption program security, Encryption
Digital Linear Tape (DLT) PGP(Pretty Good Privacy) Pretty Good Privacy
Compact Flash (CF) Web page, (PGP)
Zip drive, DVD, Flash memory card, multimedia card, Internet Ubiguity
USB etc WWW, Yahoo, Homepages and
bookmarks, Mobile internet.
2000s Secure Digital Card (SD) Internet Service Providers Cybercrime
Blue ray, XD picture card (ISPs), Convention on Firewall Enhancement
Windows Media High Definition Video (WMV-HD) Cybercrime,Firewall Protocol (FEP),
High Density Digital Versatile Disc Enhancement Protocol (FEP), Antivirus, javascript,
Holographic PDF firefox, Wikipedia, Internet cryptography
social networking, MySpace
WebsiteFacebook, YouTube.,
Twitter,
2010 Smart phones Android, Google chrome, cloud Advanced Evasion
computing Techniques (AET),
BIOCATCH