In our latest eCommerce fraud report, we discovered that fighting fraud without interrupting the customer experience is a top priority for eCommerce businesses globally.
Offering customer accounts and loyalty programs can build seamless experiences for customers. But with account-related fraud becoming more common, protection at the account level should be a priority as well.
What is account-related fraud?
Account-related fraud occurs when fraudsters use stolen consumer credentials to take over an existing account or create a fake account to carry out unauthorized activities. The use of stolen credentials, usually a username or email with a corresponding password, makes it difficult to identify these activities.
Some common forms of account-related fraud are:
- Account takeover: Fraudsters use stolen credentials to access an existing account, change information, and lock customers out, leading to a host of other unauthorized account-level activities.
- Loyalty fraud: Reward or loyalty points carry real value for fraudsters, who are looking for weak points in loyalty programs that they can exploit. Often seen in the travel industry, loyalty fraud can ruin brand perception and create costs associated with reimbursement.
- Card testing: Fraudsters use botnets to run low-value transactions on your site to validate stolen or credit card details. This often leaves the merchants on the hook for authorization fees and chargebacks.
- Fake account creation: The creation of fake accounts with stolen credentials is another way fraudsters can gain access to your system and engage in unauthorized activity like card testing.
- Bad transactions: Keeping fraudsters at bay at the account level is another way to limit bad transactions and associated fees before they take place.
These types of account-related fraud can have negative impacts on business revenue and discourage customers from interacting with your business. These impacts, and others, make preventing fraud at the account level an important consideration in your fraud strategy.
How can you prevent account-related fraud?
Fraudsters use a variety of ways to steal consumer credentials, such as phishing attacks. In instances where you can’t prevent your customers from falling victim to these attacks, you can still try to protect their accounts on your site.
Cybersource’s Account Takeover Protection is designed to keep customer accounts secure by identifying and blocking suspicious activity.
Account Takeover Protection:
- Monitors account events: Set up profiles for events you want to monitor like account creation, log in, and updates. These profiles flag any suspicious behavior connected with these events.
- Profiles requestor attributes: Examines the requestor’s profile, flagging any behavior from suspicious requestors for you to approve, decline, or challenge.
- Provides performance reports: Get insight into which profiles and rules are triggering with associated reject, approve, or challenge outcomes. These insights can help you continuously improve your account protection strategy.
Account Takeover Protection easily integrates with Cybersource’s Decision Manager. The two solutions are hosted on the same platform, allowing you to share learnings that can enhance your fraud strategy.