BioCatch unveils DeviceIQ to combat AI-driven fraud

By Vriti Gothi

BioCatch has introduced DeviceIQ, a device intelligence and identification solution aimed at helping financial institutions reassess how they evaluate device trust in an increasingly AI-driven fraud landscape.

The launch reflects a growing challenge for banks as traditional device identification methods become less effective against sophisticated evasion techniques such as emulators, spoofed devices, cloaked browsers, and jailbroken systems. The emergence of agentic AI tools and automated browsing technologies is further complicating detection by decoupling user behaviour from conventional device signals.

DeviceIQ is designed to address these gaps by enabling persistent device recognition across web and mobile environments while continuously evaluating device health in real time. Rather than relying on static identification, the platform reassesses trust for every digital banking session, allowing banks to detect potential risks earlier in the customer journey.

A key differentiator lies in its network-driven intelligence model. Drawing on insights from across BioCatch’s broader ecosystem, the solution provides contextual signals on whether a device has been linked to fraudulent activity such as scams, mule accounts, or account takeovers at other institutions. This approach signals a shift from isolated fraud detection systems towards more collaborative, intelligence-led models.

The platform also introduces pre-authentication risk detection, identifying compromised devices before login attempts occur. By detecting indicators such as unauthorised code execution, missing sensors, or device tampering, banks can block or flag high-risk sessions before credentials are entered—an increasingly critical capability as fraudsters target earlier stages of the digital banking flow.

From a regulatory standpoint, DeviceIQ is positioned to align with global privacy requirements by avoiding the collection of personally identifiable information, instead relying on pseudonymised data to generate device identities. This reflects the broader industry tension between strengthening fraud controls and maintaining compliance with data protection standards.

Complementing the core offering, DeviceIQai introduces capabilities to distinguish between human-led interactions, AI-assisted sessions, and fully autonomous agentic activity. It also flags potential deepfake attempts by identifying the use of virtual cameras or pre-recorded media, addressing a growing threat vector as synthetic identity and impersonation attacks increase.

International Data Corporation (IDC) research director Sam Abadir noted that fraud prevention strategies are shifting toward earlier detection points. “Device-level intelligence collected before authentication gives risk teams a more complete picture of session context,” he said, highlighting the limitations of relying solely on login-based identity checks.

The introduction of DeviceIQ underscores a broader industry transition toward multi-layered, AI-aware fraud prevention frameworks. As digital banking ecosystems expand and adversaries adopt increasingly advanced tools, device intelligence is emerging as a critical control point in maintaining security without adding friction to the user experience.