As financial institutions move forward in 2018 faced with an expanding range of potential security threats, one danger that businesses need to be prepared for is account takeover fraud.
With relatively recent developments such as the widespread rollout of EMV chip technology in the US offering better protection against more traditional types of card fraud, criminals are turning their attention to other, more lucrative schemes. Account takeover is one strategy that is becoming increasingly prevalent.
A mixed picture on cybercrime prevention
Recent research has shown a mixed state of affairs for financial services providers where cybercrime is concerned. There have been encouraging developments in the fight against fraudsters, but evolving typologies and new risks mean banks cannot rest on their laurels.
According to the 2017 Cybercrime Report from digital identity firm ThreatMetrix, digital businesses stopped a record 700 million attacks on consumer transactions last year. This is partly linked to recent growth in consumer transactions and the fact that the volume of attacks has risen by 100 percent over the past two years.
Using data from its global network, which analyzes some 100 million transactions a day, ThreatMetrix concluded that fraudsters are “no longer looking to make a quick buck from stolen credit cards”, and are “targeting more ambitious attacks that produce long-term profits”, such as account takeovers. More than one in nine of all new accounts opened in 2017 were reportedly fraudulent.
Other key figures showed that the frequency of account takeover attacks has increased by 170 percent, with these incidents now taking place once every ten seconds on average. There were approximately 83 million attempts to create fraudulent new accounts in 2015 and 2017.
Vanita Pandey, vice president of product marketing and strategy at ThreatMetrix, said: “With the volume and complexity of attacks increasing daily, businesses need to accurately differentiate customers from criminals in real time, without impacting transaction speeds or introducing unnecessary friction. By looking beyond static data – and drilling down to the dynamic intricacies of how people transact online – companies can continue to grow their digital businesses with confidence.”
Mounting a response
As the financial services industry works to combat the growing threat of cybercrime – and particularly account takeover fraud – it’s vital to have a clear strategy in place to protect your business and its customers.
Here are some methods that could prove particularly effective:
Leverage AI and machine learning
Machine learning and related AI-based technologies give today’s financial institutions an unprecedented advantage in the fight against fraud. In the case of account takeover, these tools give you more power to differentiate genuine customers from criminals by studying and learning from a broad range of events and transactions.
Making a strong engagement with customers and educating them on good security practices could make life infinitely more difficult for fraudsters. This could help to tackle practices such as social engineering, which involves criminals convincing people they have been defrauded and must share sensitive data in order to ‘secure their account’.
Build cross-channel layered protection
Having various layers of protection in place is one of the most powerful ways of keeping fraudsters at bay, since it puts multiple obstacles in their path. Multi-factor authentication is one approach that could become more common as banks look for ways to stop account takeover fraud in its tracks, without increasing false declines. Consistent cross-channel protection will also prove crucial as criminals look for weaknesses across multiple channels, payment types and banking platforms.
Image credit: weerapatkiatdumrong via iStock