Paygilant looks at how the user interacts with the mobile application to determine if the interactions are consistent with a legitimate user. For example, some users directly transfer money/pay directly after logging in to the app, while others check their account balance prior to transacting. Such individual preferences enable Paygilant to identify user anomalies which may indicate fraud.
Paygilant observes bio markers to identify the user behind the transaction. Common bio markers Paygilant observes include touch time, time between touches, size of touch inputs, finger velocity, scrolling pace and drag length, typing biometrics, and more.
Paygilant’s robust bio markers are just one of the several intelligence sets that make up the broader solution and is designed to augment the fraud/no-fraud decision that precedes any step-up authentication request.
Various attributes observed on the device can contribute to the detection of fraudulent behavior and to the derivation of a device ID. The Paygilant engine generates unique device identifiers using proprietary algorithms going beyond standard parameters and taking the accuracy of fingerprinting to the next level. Our methodology utilizes machine learning models to match the device ID and the user’s identity.
Intelligent, privacy preserving analysis of user data on the mobile device provides valuable insights into fraudulent activities. User data analysis is especially helpful in hard-to-analyze scenarios like new account origination, where there is no established history for the user/account. User data provides a snapshot of the mobile device environment, to distinguish a legitime user from a fraudster.
The ability to track and link devices with accounts has proven very helpful in detecting account takeover and other forms of fraud. In order to generate a robust device DNA, Paygilant applies proprietary techniques to derive a unique ID from a combination of device parameters and user data. The outcome is a unique identifier that is both hard to forge and robust against changes to the mobile device environment.
Paygilant employs propriety transaction behavioral maps. The behavioral maps represent the purchasing patterns/spending habits of a specific customer and are created using Paygilant's proprietary machine learning algorithms. Paygilant utilizes its depth of field (DOF) technology to create a multi-dimensional in-depth behavioral profile that provides a clear, high resolution picture of the different risk zones and is a key factor in determining the risk of a specific transaction.
The intelligence sets described above – transaction data, app interactions, bio markers, device attributes, user data and device ID – are the key to Paygilant’s distinctive ability to detect mobile fraud. While other vendors use a single layer to determine fraud, Paygilant weave of all six intelligence sets provides unmatched viability to the legitimacy of the transaction. At various stages of the users’ journey, Paygilant’s six intelligence sets operate as fraud-indicator building blocks providing insight immediately, once a user has downloaded the app.
In exceptional cases where additional verification is required to determine whether a transaction is fraudulent or legitimate, step-up authentication is triggered. In those cases, Paygilant triggers a user- challenge that can take on any one of many forms – Touch ID, facial recognition, voice biometrics, PIN request, one-time code over SMS, knowledge-based authentication, etc.
As a rule, Paygilant is designed to trigger any of the above authentication options, based on the associated risk, making the authentication process as frictionless as possible.
3D Secure 2.0
Paygilant has also implemented 3DS 2.0 spec to allow selectively shifting liability to the issuer when detection results point to possible fraud. In such cases, Paygilant will collect the required data and package it in the appropriate format to send to the issuer. Once the data is sent, liability is shifted to the issuer, and control of the authorization process relinquished to the issuer.
Paygilant implements the 3DS 2.0 spec in its SDK so Paygilant customers can fall back on the 3DS option as needed.
Paygilant works with all stakeholders of the financial and eCommerce ecosystem to detect and prevent mobile payments fraud. Our patented technology combines deep inspection of the user and mobile device with analysis of historical patterns, to allow our customers to detect new account, account takeover and transaction fraud.
Paygilant is the recipient of an EU Commission Horizon 2020 grant, and an alumni of the Citi Innovation Lab, IBM Alpha Zone, and MasterCard Challenge.