BioCatch, a US-based fraud prevention company specialising in behavioural intelligence, has announced the launch of DeviceIQ, a device identification and intelligence product designed to help financial institutions assess the trustworthiness of devices used for digital banking, addressing limitations in traditional device identification approaches.
Conventional device identification relies on signals that are increasingly circumvented by techniques such as device emulation, spoofing, cloaked browsers, jailbroken devices, and data wiping, which allow fraudsters to reuse the same physical device repeatedly while evading detection. The emergence of agentic browsers and AI-powered tools adds further complexity by separating user actions from the device signals that banks typically rely upon.
Core capabilities and network intelligence
DeviceIQ establishes persistent device identity across web and mobile environments, recognising legitimate device upgrades and app reinstalls without prompting unnecessary re-validation for genuine users. Pre-authentication checks detect jailbroken devices, missing sensors, and unauthorised code attempting to intercept or modify banking app activity, enabling institutions to block or flag compromised devices before login is attempted.
Furthermore, the product draws on intelligence from across BioCatch's full client network, providing context on whether a device has previously been associated with mule activity, scams, or account takeover at other institutions, going beyond traditional blocked-device lists to enable cross-institution fraud prevention. DeviceIQ integrates with BioCatch Connect via a single SDK, consolidating behavioural, device, transactional, and application intelligence into one platform.
In an early deployment at a large US financial institution, DeviceIQ detected nearly 60% of genuine device upgrades within its first two weeks, enabling seamless device transitions. Devices flagged as high risk by DeviceIQ were nearly 13 times more likely to have evaded the institution's previous defences than those assessed as low risk.
An additional module, DeviceIQai, differentiates between human-led sessions, human-agent hybrid sessions, genuine agentic AI sessions, and fraudulent agentic activity, and flags potential deepfake attempts, including virtual cameras and pre-recorded authentication media.
Commenting on the launch, Ayelet Eliezer, Chief Product Officer at BioCatch, said fragmentation across multiple device and risk tools drives up cost and reduces efficacy, and that DeviceIQ enables banks to evaluate all risk signals in one place to stop fraud earlier and prepare for an AI-driven threat environment.
