SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Sift shares crucial advice for preventing serious ATO breaches
Fri, 13th May 2022
FYI, this story is more than a year old

Are you or your business struggling with Account Takeover Fraud (ATO)? One of the latest ebooks from Sift can provide users in many situations with the tools and expertise to help launch them into the new era of account security.

Nowadays, it takes more than just usernames and passwords to protect valuable account data. There is now a significant focus on a layered security approach to stop account takeovers, with platforms needing to deliver a wide range of security features on multiple levels.

Many industries and enterprises are often severely affected by ATO, including financial institutions, retail companies and commerce operations. Threat actors use a variety of sophisticated techniques to gain important account data and are heavily succeeding.

According to Sift research, ATO attacks against the fintech sector alone soared 850% between Q2 2020 and Q2 2021, and in the recent 2021 Black Friday/Cyber Monday shopping period, account takeover fraud rates rose by a stunning 2,950% in the omnichannel retail sector.

Sift says the pandemic has only heightened these challenges, and as consumers rely more on online services, there becomes a reliance on digital accounts and the need to protect those accounts from cybercriminals who want to exploit them.

Often these accounts contain crucial information like stored value, payment information, demographics, and personally identifiable information (PII). A breach could lead to disastrous financial consequences and brand integrity failure, along with customer mistrust and possible legal issues.

Habits are also a significant factor mentioned in the report that could lead to a problematic ATO. Research from LastPass shows that 65% of people globally use the same password for every account they own, and this is the type of security layer that can commonly be breached quite easily.

Users should also be aware of fraud rings, like the recently uncovered Proxy Phantom. This dangerous threat leverages the Fraud Economy and the dark web to purchase millions of stolen username and password combinations, and use bots to test those credentials.

So what can you do to ensure you have a layered approach to stopping account takeover fraud? It's often not as simple as updating passwords and hoping for the best.

The Sift report recommends an account security framework and strategy that uses the right balance of passive detection and Dynamic Friction to ultimately stop attacks from all vectors.

The report goes into detail on the best strategies and how to implement them for your business, with a focus on content integrity, payment protection, Sift Connect integration and account defence. It also examines the benefits of Keyless Passwordless Authentication with the Sift Digital Trust - Safety platform.

This platform can help dramatically reduce ATO by:

  • Verifying users while eliminating the need for passwords.
  • Enabling intelligent step-up authentication using biometrics.
  • Protecting users' privacy with proprietary, military-grade security.

To stop ATO in its tracks, businesses and users need an adaptable account security strategy that is focused on being cutting edge and comprehensive. Learn more about the helpful ebook here for more tips and advice.