Protect online accounts from unauthorised access
Account takeover fraud occurs when fraudsters use stolen consumer credentials (typically username/email and corresponding passwords) to take control of an existing account. These same individuals may also use stolen personal information to establish new fake accounts. Fraudsters can then use these accounts to carry out unauthorised activities, including loyalty fraud, card testing and creation of fake accounts.
In addition to fraudulent payments, account takeovers may have far-reaching consequences for victims, undermining trust and loyalty among valued customers and causing rapid attrition away from the brand. Make sure you’re taking steps to protect your business.
Protect online accounts from unauthorised access
Stop fraudsters, while providing a streamlined experience for good customers. Account Takeover Protection actively monitors new account creation or login activity on your website to more accurately identify valid transactions versus high-risk requests.
Avert fraud attempts before they take place
Avoid the costs and risks associated with fraudulent transactions and chargebacks. Machine learning plus a flexible rules engine identifies suspicious activity based on requestor’s behaviour, email, device, communications and other attributes. You decide whether to accept, reject, or challenge account related requests—helping stop fraud before it happens.
Preserve customer trust and loyalty
Protect your brand by ensuring customers enjoy a secure online experience. Real-time decisions mean that account creation, login, and changes will be seamless and safe. You can also identify valuable returning customers to provide them with a frictionless path to purchase.
Cybercriminals are using increasingly sophisticated methods to access accounts, including phishing through malware, SQL injection attacks, spyware, Trojans, worms, and botnets (network of machines that can automate an attack.) The now prevalent use of botnets means fraudsters can conduct rapid, large-scale automated login attempts to validate and use stolen credentials. This is known as credential stuffing, and it puts businesses at an even greater risk of account related fraud on their sites. Account Takeover Protection screens for credential stuffing to help keep your business safe.
Stay ahead of card testing attacks
More and more fraudsters are using botnets to superpower their card testing schemes. In these attacks, fraudsters run thousands of low-value transactions on a merchant’s site to “test” the validity of card details. By the time merchants notice, they often face a staggering number of authorisation fees, and the chargebacks may jeopardise their standing with major acquirers and processors. Account Takeover Protection can help identify and block bots or fraudsters prior to logging in and attempting to load and test cards.
Fraudsters are also on the lookout for weak points in loyalty programmes. In this scenario, cybercriminals take over good customers’ accounts to steal reward points and resell or redeem them. Account Takeover Protection monitors high-risk behaviour at account access, purchase and redemption of points—so you can protect your incentive programmes and drive customer loyalty.
Account Takeover Protection and Loyalty Programme Protection work together to screen each user interaction for suspicious characteristics.
The user-friendly Cybersource Enterprise Business Center interface makes it easy to configure risk strategies.
Account Creation, Account Login, and/or Account Update events (such as password changes).
These rules can flag anomalies about the requestors trying to access your systems, such as jailbroken devices or suspicious proxy IP activities. Cybersource can access cross-merchant device data, providing insight into past device usage and other attributes.
This includes the number of times a device is used in conjunction with username, password, name, billing address, phone number and payment card information.
For instance, events originating from new devices for existing customers could be challenged, requiring users to verify their identities before they’re allowed to create, access or change data in their accounts.
Account Takeover Protection operates on the same platform as our payment fraud and risk management solution, Decision Manager, providing the critical ability to share learnings from the payment side to the account review side, and vice versa.
By using Account Takeover Protection in combination with Decision Manager, you can access information about pre-purchase account activity during review. Since Account Takeover Protection uses the same integration, customers can easily add the Account Takeover Protection service.
Enable Account Takeover Protection and start safeguarding your customer accounts today!
Understanding account takeover and its impacts
Learn what account takeovers are and how they can impact a business and its customers.
PROTECT ONLINE ACCOUNTS
How real is the loyalty fraud threat?
Fraudsters who successfully take over accounts will take anything that has immediate or resale value—and that includes loyalty points and rewards.