DEMO

The Impact Of Account Takeover

September 7, 2021
no comments

Phishing and data breaches are not new. Many attacks have resulted in stolen customer account information. Various businesses are targeted. But perhaps among the most targeted victims of fraud are financial institutions. News of attacks has prompted different institutions to strengthen their cyber security. Some have included multifactor authentication, adding passwordless and biometric authentication along with other security measures like OTP. In doing so, they have reduced the risks of falling victims to different fraudulent activities.

Account Takeover

One type of fraud that financial institutions should be wary of is Account Takeover (AT)). It happens when fraudsters use the credentials of the account holder to access legitimate banks, payment service providers (PSP), or merchant customer account. Commonly taken information includes bank and card account credentials, username and passwords, and personally identifiable information (PII).

In 2020, the number of successful monthly fraud attempts to financial services firms grew by 42%. Between the second quarter of 2019 to the second quarter of 2020, there was a 282% increase in ATO fraud attempts to steal from e-commerce merchants, as well as consumers.  

How It Happens

There are many ways ATO attacks happen. Some fraudsters start by harvesting personal information. Using the data, they will conduct targeted phishing campaigns and gain unauthorized access to accounts. 

Another way is credential stuffing, fraudsters use bots to compare lists of stolen credentials with different websites to find matches. Once they gain access to an account, they will be able to alter the details. Other possible activities they can do are add another name or redirect notifications and communications from financial institutions. 

The Impact

ATO attacks do not only affect financial institutions, merchants, and payment channels. The most affected may be the customers as it is their identity being stolen and used. 

The affected customer may find themselves locked out of their account. They may even be unaware of the attack until they are informed of the unauthorized transactions through their bank or card statement. Additionally, their personal information is compromised.

The business itself will also suffer from the impact of ATO attacks. They can suffer financial losses. There may be chargebacks. Customers may demand refunds. The business may also spend money and time in disputing and/or processing said chargebacks.

At the same time, they will experience a hit on their reputation. Clients may lose trust and decide to leave the company. Thus, reducing future revenues. 

The best protection against account takeover is security. Consider adding more authentication at different steps in the customer journey. Aside from asking for passwords and PII, add biometric authentication and passwordless authentication.

Previous PostNext Post

Related Posts

multifactor authentication, authentication, noknok
September 21, 2021

Authentication At Every Step: How It Helps Fight Fraud

Passwordless authentication, Multi-factor authentication, Biometric security, noknok
September 20, 2021

Nok Nok Products Goes To Amsterdam: Money 20/20 Europe

Leave a Reply

Subscribe

Latest Posts

multifactor authentication, authentication, noknok
Authentication At Every Step: How It Helps Fight Fraud
September 21, 2021
Passwordless authentication, Multi-factor authentication, Biometric security, noknok
Nok Nok Products Goes To Amsterdam: Money 20/20 Europe
September 20, 2021
passwordless authentication, biometrics authentication, noknok
Understanding New Account Fraud And How To Fight It
September 14, 2021
Next Level Metal Credit Cards
August 25, 2021
The First Internet ID and Payment Card is Here
August 13, 2021

Twitter

Bad Authentication data.