In 2012, Account Takeover (one mechanism of conducting Fraud) accounted for $4.9 Billion in consumer and merchant losses, which is a 69% increase from 2011 according to “2013 Identity Fraud Report: Data Breaches Becoming a Treasure Trove for Fraudsters” conducted by Javelin Strategy and Research.
Account Takeover in the most simple of definitions is compromising a users account via stealing their log in credentials. We’ve seen enormous spikes in Account Takeover primarily stemming from password stealing malware in email attachments, clicking on unknown links in email or while web browsing, and public wi-fi hotspots to name a few.
Commonly when an account has been compromised the Fraudster can access payment information, change email addresses (to redirect notifications), and change shipping addresses which are all unknown changes to the original account holder.
1. Provides a platform which to discover suspicious login activity and patterns.
2. Identify anomalies in device configurations such as attempting to conceal or hide geo-location.
3. Correlates device information with account behavior to identify suspicious transactions based on changes in device type, time zone, browser type, etc.
When Device Identification and Account Takeover solutions are properly deployed they can dramatically improve the experience for good customers by eliminating unnecessary security checks. This will help to streamline the transaction process or improve conversion rates (for eCommerce Merchants).
Taking steps to protect pages such as login, checkout, or account navigation pages (if properly deployed in conjunction with proper strategy and management) goes a long way to bolstering defenses against Account Takeover. A simple Device Identification check at such portals often yields telling perspective, piercing proxies, going deeper into exposing malicious users. While device identification is commonly used as a one part of checkout centric fraud checks performed by rules engine based fraud tools (like Kount, Accertify, ReD, or Cybersource), it has broader application across websites to authenticate users.