BioCatch is a leading cybersecurity company dedicated to protecting financial institutions from fraud while reducing friction in user experience. Trusted by more than 196 financial institutions and monitoring over 10 billion sessions per month, BioCatch brings context to every digital interaction—distinguishing genuine users from sophisticated threats.
The Challenge: Monitoring a Complex Data Ecosystem at Scale
BioCatch’s fraud detection system relies on dozens of proprietary calculations (“features”) that output either binary decisions (true/false) or risk scores (0–1000). These calculations power client-specific solutions across multiple device types, products and platforms. Any changes to these components could potentially skew features and influence fraud scores in unexpected ways.
Key Pain Points:
- Dynamic threshold management: Previous monitoring tools couldn’t learn thresholds dynamically and required extensive manual maintenance.
- Limited configuration options: Existing solutions lacked the flexibility needed to fine-tune alert rates to BioCatch’s specific requirements.
- Scale challenges: With multiple inputs influencing scores across several dimensions, manual monitoring had become an impossible task
- Late detection: The team needed to identify changes to scores or input components as quickly as possible, before they could impact fraud risk assessment and erode client trust.
“There are so many moving parts in BioCatch’s ecosystem—our clients’ websites, third-party services and internal ETLs—any change can skew features and unexpectedly impact customer scores. We needed an ML-driven monitoring solution that learns patterns dynamically, without manual thresholds.”
— Shira Mintz, VP Data Science, BioCatch
Why Automated Anomaly Detection Matters for Fraud Prevention
In the fraud detection industry, maintaining accurate and stable scoring systems is critical for:
- Customer trust: Ensuring reliable fraud detection without false positives
- Brand reputation: Preventing fraud while maintaining smooth user experiences
- Operational efficiency: Enabling teams to focus on high-value analysis rather than manual monitoring
- Scalability: Supporting growth without proportional increases in monitoring overhead
The Solution: Anodot’s Cloud-Native Anomaly Detection Platform
BioCatch selected Anodot after evaluating solutions that could meet their specific requirements:
- Cloud-based service requiring no on-premises infrastructure.
- Dynamic learning capabilities that automatically fits optimal confidence band without manual threshold setting.
- Seamless integration with Snowflake and Datadog, for real-time data ingestion.
Implementation and Results
The partnership between BioCatch and Anodot required collaborative iteration to optimize the solution for BioCatch’s unique fraud detection use case. The implementation process involved multiple rounds of fine-tuning to achieve optimal alert configurations.
Primary Use Cases
Biocatch’s data science team uses Anodot to monitor:
- Fraud scores returned to customers
- Internal components (such as user profiles) that influence scoring
- Various inputs across their fraud detection pipeline
Key Benefits Achieved
- Improved Score Accuracy
Early detection of changes to scores and influencing inputs ensures more accurate fraud detection, directly improving both BioCatch’s reputation and their customers’ experience. - Real-Time Monitoring at Scale
Automated monitoring eliminates the impossible task of manually tracking all inputs and scores across multiple customers, enabling BioCatch to scale their operations effectively. - Reduced Maintenance Overhead
Dynamic threshold learning significantly reduced the manual configuration and maintenance required compared to previous monitoring solutions. - Reduced Detection Latency
Issues that previously could go unnoticed for a long duration are now detected within hours, enabling rapid response and preventing prolonged impact on fraud detection accuracy.
Alerts that make a Real (Time) Difference
Several weeks ago, a BioCatch customer made changes to data sent in API calls without informing BioCatch. These types of undocumented changes can significantly impact fraud detection accuracy and typically go unnoticed for weeks. However, Anodot detected the anomaly within hours, enabling BioCatch to respond immediately and maintain score accuracy.
“Customers make changes on their side without understanding the implications to the data we receive and certainly without informing us. Anodot can usually alert on these changes within a few hours, giving us insight into unexpected changes to the data that could have gone unnoticed for weeks.”
— Daniel Gordon, Team Leader, Data Science Group, BioCatch
Measurable Value and ROI
While BioCatch hasn’t conducted formal ROI measurements, the practical value is clear in daily operations:
- High signal-to-noise ratio: False positives are easily filtered out, while true alerts provide extremely high value.
- Rapid response capability: Fast detection enables immediate corrective action before customer impact.
- Prevention of undetected issues: Catching problems that could otherwise persist for weeks without detection
Advanced Capabilities Driving Additional Value
Beyond anomaly detection, BioCatch has leveraged several of Anodot’s advanced features:
- Data enrichment in Anodot
The BioCatch team manages uniform features across multiple data sources. Anodot’s ability to enrich data with source information enables the team to create a focused set of actionable alerts for comprehensive yet manageable monitoring. - Dynamic Routing of Alerts
Anodot’s intelligent alert routing maps specific metric properties to associated channels. BioCatch implemented dynamic routing to ensure the right teams receive only relevant notifications, significantly reducing noise levels within shared channels. - Influencing Metrics
The ‘influencing metrics’ condition allows users to check any desired measurement before triggering an alert for a specific metric. BioCatch uses this feature to incorporate volume measurements into their alerting logic, customizing these conditions to achieve tighter control over false positive rates.
