Account Takeover – A Dangerous Business
Account takeover fraud is one of the main forms of financial identity theft. Account takeover is an increasing area of financial exposure for businesses. In the past it was limited to financial institutions; however, this type of fraud can take place anywhere an account is used to buy or access private or confidential information, goods and services. A recent example is the theft at StubHub, an eBay subsidiary. In July, six people were indicted in a cybercrime ring that stole $1.6 million worth of event tickets from StubHub.
As an article in American Banker explains about the StubHub hacking incident:
The thieves committed the heist by deploying a technique that poses threats to banks and retailers every day: account takeover. Rather than stealing card or account data, many cybercriminals are committing fraud by simply stealing or guessing login credentials to impersonate legitimate customers and conduct seemingly innocent transactions that go undetected.
Rather than relying solely on passwords, which are often stolen or misused – a good risk-based authentication technology observes user behavior patterns, IP geo-location, device ID recognition, and velocity of behavior patterns, among other criteria, to determine the risk associated with an identity.
Risk-scoring combined with validation of the components of an individual’s identity allows the most judicious use of more intrusive authentication methods. This background assessment can also identify previously unknown risks, and changes in risk situations that might have previously been deemed low-risk. Once the risk has been assessed, decisioning within the workflow issues the most appropriate authentication challenge.
To learn more about how to fight account takeover, contact one of our risk-based authentication specialists.
Recommended For You
Online consumers can make their purchase with various payment options, like credit card, Apple Pay or PayPal. As a result, […]
As an HR professional, it’s your priority to protect employee data. You may not realize it, but responding to employment […]
The CERCA Spring Conference, held on May 16, capped a broadly successful 2018 filing season that saw tax identity theft reduced by […]
As fraudulent attempts increase during account openings and applicants grow less patient with invasive anti-fraud techniques, organizations must find a […]