Use Case · Account Takeover

Stop account takeover before money moves.

Valid credentials no longer mean a valid customer. Loci keeps verifying the human behind the session, so takeover surfaces at the payee change, not in the complaint queue.

caught mid-session, not post-loss step-up only when risk is real signal-backed decisions
The Problem

The takeover happens after the checks stop.

Point-in-time authentication verifies the front door and then trusts the session for the rest of its life.

Credentials are commodities

Phished, leaked, and purchased credentials pass every login check. The attacker arrives authenticated.

Hijack lives past the login

Session theft and remote-access takeover start after authentication, exactly where one-time controls stop looking.

Blanket friction backfires

Challenging every customer drives abandonment, so institutions under-challenge and absorb the losses instead.

How Loci Stops It

Keep verifying the human, not the password.

AccessGate builds behavioral baselines from session, device, and interaction signals, then re-evaluates trust at sensitive steps. When typing rhythm, mouse dynamics, or network context stop matching the customer, the host flow can challenge, review, or block the action before completion, and session risk can be passed into transaction monitoring.

Behavioral Intelligence
// AccessGate · mid-session re-evaluation
{
  "decision": "review",
  "action": "challenge",
  "risk_score": 82,
  "signals": [
    { "name": "behavioral_biometrics",
      "detail": "input pattern off learned baseline" },
    { "name": "network_reputation",
      "detail": "datacenter ASN, new to account" }
  ]
}
Behavioral baselines
AccessGate

Per-account baselines from typing, mouse, touch, and navigation signals. Deviation is measured against the customer’s normal interaction pattern, not only a global average.

Explore →
Continuous decisions
AccessGate

Sensitive steps can re-evaluate the session and return allow, challenge, review, or block decisions in real time.

Explore →
Transaction correlation
MADIE

When integrated with Loci transaction monitoring, session risk can feed the payment decision so risky access and risky money movement are evaluated together.

See MADIE →
Session-aware cases
Case Manager

Session and device evidence is preserved so investigations can include devices, signals, and the moment behavior drifted.

Explore →
Get Started

See a hijacked session get caught live.

A 30-minute walkthrough of continuous authentication on your own flows: login, payment, payee change, and recovery.