What does account takeover fraud mean?

It is a fraudulent activity aimed at gaining access to your customers’ accounts and further defrauding you or simply stealing your customers’ money.

What is an ATO or account takeover?

Account takeover fraud is a form of digital identity theft, where fraudsters use stolen account credentials to gain control over your customer’s profile for further illicit gain.

What is ATO in fraud?

Due to the rapid increase in synthetic identity theft cases, ATO fraud is becoming more and more widespread. It enables the fraudsters to take control of your customers’ accounts and use this for further financial gain or to defraud you and other customers.

An Intelligent Response To Account Takeover (ATO) Fraud

Q: What type of fraud is an account takeover?

It is a form of identity theft, where a fraudster gains illegitimate access to your customer’s account credentials and then changes them to prevent a lawful owner from logging in. Ultimately, this results in loss of business, profits, and reputation.

While not business-critical, account takeover or ATO fraud is one of the more widespread and quite devastating types of cyberattacks. Unfortunately, unlike other types of CNP fraud, this one can’t be handled by issuing banks or payment processors. Thus said, takeover protection is the sole responsibility of an online merchant, which leads us to the topic of this article. How do you identify and prevent an account takeover attack, or how to recuperate from its consequences? Let’s take a closer look, based on Covery’s experience as an anti-fraud system working with the US, UK, and EU customers.

What type of fraud is an account takeover?

Account takeover attack is a type of multi-step identity fraud, where fraudsters perform many small and seemingly insignificant steps which ultimately lead to loss of account ownership and business relations with a customer.

As such, it can be very detrimental for your business and should be identified quickly to give you a chance to prevent the negative outcome. The hardship here is that the steps of account takeover fraud are the same as legitimate changes many customers do regularly:

update of PII on file
change of password
change of credit card details
adding authorized account manager
adjusting email settings (adding a cc email address) to retain control even in case of a forced password reset
many, many more, which happen in the thousands daily.

Thus said it’s quite hard to analyze such actions in real-time and discern between legitimate and fraudulent ones.

How do you prevent account takeover then?

Reliable ATO fraud prevention

The best approach to account takeover protection is to analyze all customer actions on the fly, highlight potentially fraudulent ones and halt them before the fraudster can take control of the account. Naturally, this is impossible to do manually 24/7. How to make it happen then?

Covery combines several features to ensure reliable ATO fraud prevention:

Trustchain — a global reputational knowledge base. It stores more than 500 million records about the reputation of various account identifiers like email addresses, phone numbers, IBAN for SEPA or BIC for SWIFT numbers, etc.

If any of these identifiers are marked by any Covery community member as a part of a fraudulent scheme, all other Trustchain users are immediately notified if any of them are ever used again by their customers. This helps detect ATO fraud attempts as early as account registration and during all other steps of the customer journey.
Supervised ML. Covery uses a customizable ML algorithm that analyzes current customer actions and behavioral patterns and correlates them with logged activity to identify abnormal actions on the fly and highlight potential account takeover in progress.
Device fingerprinting. During every session, every device transmits a bunch of hardware and software IDs that help create a digital fingerprint of this device. By capturing these details, Covery is able to build a profile of every customer and immediately flag unusual activity.

For example, when a customer that always logged in from Texas in the evening logs in from Nairobi in the night, from another device and proceeds to change the account password immediately — you can be pretty sure ATO fraud is in progress.
Risk-trust scoring. Sometimes customers adjust their normal usage patterns legitimately — like when going for a road trip and using a public WiFi IP address instead of their usual home IP address. All such adjustments are automatically analyzed by the aforementioned anti-fraud solutions, and every transaction gets a risk score from -100 to 100.

As a result, low-risk customers can skip some verification steps to have a smoother customer experience, while high-risk transactions can result in additional checks with 3D Secure and other scenarios. Covery offers a configurable risk logic engine with 15 predefined scenarios for 23 industries and an ability to create as many specific scenarios as you need.

All of these measures working as a part of end-to-end risk management and anti-fraud solution ensure Covery provides reliable ATO fraud protection and timely prevention.

Conclusions

Account takeover is one of the most widespread and damaging forms of identity theft. If ATO fraud is left unchecked, losses to your bottom line and business reputation can quickly mount. Real-time automated takeover protection is essential to ensure long-term business success and growth.

As an end-to-end anti-fraud system, Covery has all the functionality needed to handle your daily risk management tasks — from KYC automation and account takeover prevention to chargeback solutions. Contact us for a free demo and see for yourself the value Covery can deliver for your business! Do you know of someone who needs such services? Tell about Covery, as every online business deserves a reliable anti-fraud system!