Account Takeover: New Face of E-commerce Fraud
Statistics show that there was an 80% increase in 2017 in the number of account takeover frauds in e-commerce sector. The internet has not just opened new avenues for online businesses, it has also become a breeding ground for fraudsters who leverage technology against e-commerce marketplaces to commit fraud. Account takeover fraud is one of such faces of fraud in e-commerce sector.
What is Account Takeover Fraud?
Account takeover fraud involves an attack from the fraudster on a genuine user’s account. The fraudster is able to get access to the login credentials of the user via phishing schemes and email scams. Simply put, it is a kind of identity theft whereby the fraudster gets the access to details of a user’s account on an e-commerce website. The fraudster is then able to change the account details of the user, make purchases, withdraw credits stored in the account and even access information of other accounts.
The common targets of account takeover fraud are the account that have prepaid gift credits and loyalty card points stored in the accounts. The fraudster can either withdraw these points for cash or make purchases on these credits. The attacker can change and rotate to new proxy servers in order to avoid any chances of hitting any blocks or alarms.
Account takeovers are also profitable for fraudsters when the account is linked with a credit/debit card and the attacker can open or max-out the credit card of the user. Recent trends of increase in number of online payment platforms has made it easier for fraudsters to access the banking information of the user and transfer small, undetected amounts or make small purchases.
Fraud relating to account takeover can start with as small information as the email address of the user, date of birth, or any such information that may be used for account verification. The e-commerce marketplace ends up losing its genuine users to these fraudster and also suffer huge losses when the user, upon realisation, ask for a refund for an order they never placed. Online merchants face a large number of chargebacks from multiple accounts or multiple cards from one account.
What is the solution for Account Takeover Fraud?
The change from physical communication to digital communication and storage of data has given fraudsters an open arena for accessing both the users’ and e-commerce sellers’ information. When it comes to account takeover fraud, online merchants can use the following measures for an all-rounder fraud protection:
Manual or In-house methods:
- Stronger Account Verification: Online sellers can implement stronger measures for verifying account details of a user to ensure that the account created by a person using personal details is actually being made by the user.
- Verification of Account Changes: Manual methods of e-commerce fraud prevention can also include alerting the user for any change made to the account via SMS or email.
- Ask for CVV: Asking the user for the CVV printed on the back of the credit card is another way to ensure that the payment is being made by the user.
Tech-based e-commerce fraud prevention method:
The most viable solution for account takeover fraud prevention is to use an advanced form of e-commerce fraud prevention tool that can automatically detect any fraudulent activity in a user’s account and flag it as a risky transaction. Tools like Mitra, that leverage machine learning and behaviour analytics can easily read patterns in the account modifications like change in domain name, change in email address or the delivery address.
Mitra, an Artificial Intelligence fraud prevention engine can detect any unprecedented change or transaction on a user’s account by evaluating each activity over numerous behaviour patterns and variables like time spent on a purchase, device fingerprint, past transactions, device ID, IP address used, email id and 200 more such benchmarks.
Account takeover not only affects the users, but also cause heavy damage to the online merchant. ThirdWatch provides a smart way to e-commerce sellers to fight fraud in real time with its AI-based engine Mitra, all-inclusive machine learning tool that detects every fraud an e-commerce may face and adapts to the kind of e-commerce industry to understand patterns of fraud in less than a flick of a second!