Sacra estimates that BioCatch hit $160M in ARR in June 2025, up from $145M in 2024.

BioCatch has maintained strong growth momentum, with ARR expanding 43% year-over-year in H1 2024 and 40% in Q3 2024. The company crossed the $100 million ARR threshold in late 2023, achieving centaur status as a private software company.

The customer base has expanded rapidly from 152 financial institutions in November 2023 to over 280 institutions across 25+ countries by mid-2025. BioCatch now counts three of the four largest U.S. banks as customers, with North America business alone surpassing $50 million in ARR. Partner-driven ARR exceeded $10 million in Q2 2025, growing 71% year-over-year.

Voice scams and money mule detection solutions have become increasingly important revenue drivers, growing from 5% of total ARR two years ago to 15% today. The company analyzes more than 15 billion user sessions monthly, protecting over 525 million people across 1.6 billion devices.

BioCatch was acquired by Permira in a $1.3 billion deal in May 2024, following a $40 million growth investment from Permira Growth Opportunities in May 2023. The company has raised well over $200 million in total funding to date.

Key investors include Permira Growth Opportunities, Bain Capital Tech Opportunities, Maverick Ventures, and American Express Ventures. Strategic investors from the financial services sector include HSBC, Barclays, Citi Ventures, and National Australia Bank, reflecting the company's strong relationships with major banking institutions.

The acquisition by Permira represents a significant exit for early investors and positions BioCatch for continued expansion in the behavioral biometrics market under private equity ownership.

BioCatch is a behavioral biometrics platform that prevents financial fraud by analyzing patterns in how users interact with digital banking applications. The company embeds a lightweight SDK into banks' web and mobile applications that continuously captures over 3,000 data points including keystroke dynamics, mouse movements, touch screen behavior, device orientation, and physical attributes.

When a customer logs into their banking app, BioCatch's machine learning models compare their real-time behavioral patterns against their historical behavioral fingerprint and population-level fraud indicators. The platform returns risk scores and reason codes in under 300 milliseconds via API, allowing banks to seamlessly allow transactions, step up authentication, or block suspicious activity without disrupting legitimate users.

The core platform includes several specialized modules. Account Takeover Protection detects anomalies like remote access tool usage or unusual typing patterns that indicate compromised credentials. Account Opening Protection identifies bots and synthetic identities during the onboarding process. Mule Account Detection uses behavioral analysis and network graphing to identify accounts used for money laundering.

The newly launched Scams360 module specifically targets authorized push payment scams by detecting behavioral indicators that suggest a customer is being manipulated by fraudsters, such as hesitation patterns, erratic typing, or the presence of an active phone call during money transfers. BioCatch Trust represents an inter-bank intelligence sharing network that allows participating financial institutions to share behavioral risk data in real-time to prevent cross-institution fraud.

Banks integrate BioCatch through JavaScript for web applications and native SDKs for mobile platforms, with typical deployment taking under 90 days. Fraud analysts access insights through existing case management systems or BioCatch's dashboard, which provides detailed behavioral timestamps explaining why specific sessions were flagged as risky.

BioCatch operates a B2B SaaS model selling behavioral biometrics software to financial institutions through annual recurring revenue contracts. The company monetizes based on the volume of user sessions analyzed, with pricing typically structured around the number of protected users or transactions processed.

The business model benefits from strong network effects as BioCatch's machine learning models improve with scale across its customer base of 280+ financial institutions. The company's Customer Innovation Board includes major banks like American Express, Barclays, Citi, HSBC, and National Australia Bank, creating a collaborative development environment that strengthens product-market fit.

BioCatch has built a partner ecosystem that contributed over $10 million in ARR, growing 71% year-over-year. Key partnerships include integrations with banking-as-a-service providers like Alloy and core banking platforms like Q2, which embed BioCatch's capabilities into broader fintech stacks.

The company's cost structure benefits from the scalable nature of its machine learning platform, where incremental user sessions can be processed with minimal additional infrastructure costs. BioCatch has expanded its team to over 400 employees across 25 countries while maintaining improving profitability metrics.

Revenue diversification has strengthened with newer products like voice scams detection and mule account identification growing from 5% to 15% of total ARR over two years. The BioCatch Trust network creates potential for additional network-based revenue streams as more banks join the intelligence sharing platform.

LexisNexis Risk Solutions combines its ThreatMetrix device intelligence platform with behavioral biometrics capabilities acquired through BehavioSec. The company leverages over 80 billion digital identity events to provide comprehensive fraud detection as part of a single decisioning platform. LexisNexis benefits from deep consortium data and established relationships with large banks, offering one-invoice bundling that simplifies procurement.

Mastercard bundles behavioral analytics through its NuData Security acquisition into Mastercard Identity Check, providing issuers with behavioral biometrics capabilities at reduced cost when routing volume through the card network. This creates potential commoditization pressure for behavioral biometrics in card-based transactions.

Equifax has integrated keystroke and mobile telemetry into its credit risk platform through the Kount acquisition, positioning unified fraud and credit scoring for buy-now-pay-later and SMB lending applications. The company leverages aggressive pricing when customers already purchase credit files.

BehavioSec, now part of LexisNexis but still sold standalone, focuses on continuous authentication with strong adoption among Nordic banks and edge processing capabilities for privacy compliance. The company emphasizes on-device behavioral analysis to reduce latency and data transfer requirements.

Zighra specializes in mobile behavioral AI with low-latency SDK capabilities that appeal to Latin American fintechs operating in regions with inconsistent connectivity. TypingDNA focuses specifically on keystroke dynamics, while newer entrants like UnifyID emphasize passive authentication through gait and other biometric signals.

SEON, Sift, and other generalist fraud prevention platforms have added behavioral analytics capabilities to their existing rule engines and device fingerprinting solutions. These platforms often offer behavioral biometrics as part of broader fraud prevention suites at lower price points, creating pressure on specialized providers to justify premium pricing through superior signal quality and detection capabilities.

The launch of Scams360 extends BioCatch beyond traditional account takeover detection into authorized push payment fraud, addressing a rapidly growing $1 trillion global loss category. This product analyzes behavioral patterns indicating customer manipulation during social engineering attacks, opening new budget categories around call center operations and scam reimbursement mandates.

Mule account detection represents expansion into anti-money laundering applications, allowing banks to apply behavioral analytics to outbound payments and dormant account monitoring. This adjacency monetizes AML compliance budgets and has grown 165% year-over-year in APAC markets.

Voice and call center fraud detection correlates telephony metadata with digital behavioral patterns, creating opportunities to expand into contact center fraud prevention and customer authentication across multiple channels.

BioCatch Trust creates inter-bank intelligence sharing networks that could scale like Visa's fraud databases. The Australian pilot connects five major banks to share behavioral risk data on receiving accounts before money transfers complete. Expansion to the UK and US markets, driven by mandatory scam refund regulations, could create network-based revenue streams beyond single-bank analytics licenses.

The network approach addresses cross-institution fraud patterns that individual banks cannot detect, potentially commanding premium pricing as regulatory pressure increases around scam prevention and customer protection.

BioCatch has added over 50 new customers in the past 18 months, many outside the tier-one banking segment. Partnerships with banking-as-a-service providers like Alloy and digital banking platforms like Q2 embed BioCatch capabilities into mid-market fintech stacks, expanding addressable markets to thousands of regional banks and credit unions.

Latin American markets present significant expansion opportunities as instant payment systems like Brazil's PIX drive fraud losses. APAC markets with real-time payment rollouts across Singapore, India, and other countries create demand for behavioral analytics tuned to local payment rails and fraud patterns.

Model degradation: BioCatch's behavioral models depend on consistent user interaction patterns that could change as banking interfaces evolve toward voice, chatbot, and AI-assisted interactions. As customers increasingly use automated tools or simplified interfaces that reduce the behavioral signals BioCatch analyzes, the platform's detection capabilities could diminish without corresponding product evolution.

Privacy regulation: Behavioral biometrics collection faces increasing regulatory scrutiny around data privacy and consent requirements. New regulations could require explicit user consent for behavioral monitoring or limit the types of behavioral data that can be collected and analyzed, potentially reducing BioCatch's signal quality and forcing costly compliance modifications.

Synthetic fraud: The emergence of sophisticated AI-generated synthetic identities and automated fraud tools that can mimic human behavioral patterns poses a fundamental threat to behavioral biometrics. As fraudsters develop tools that can replicate legitimate user behavior patterns, BioCatch's core detection methodology could face obsolescence without significant technological advancement.