Account takeover fraud—also called account login fraud, account compromise and account hijacking involves using phished or stolen credentials to gain entry to a user’s account.
Traditionally this kind of attack has been directed at financial institutions but targets now include most major enterprises, governments, social networks, stored value wallets, market places and online game publishers. Anywhere that valuable identity data, trade secrets or convertible currency is held is now a potential target.
Businesses trying to improve protection against account fraud takeover protection are between a rock and a hard place. The risk of compromise of username and passwords is increasing with automated phishing and key logging attacks. While using two factor authentication such as hardware tokens is more secure, it requires a change to customer behavior hence best suited for B2B relationships and found to be left wanting by the latest trojan man-in-the-browser (MITB) attacks.
How ThreatMetrix detects and prevents account login fraud
Prior to ThreatMetrix, organizations only had available to them browser fingerprint information to correlate against credentials and login history. ThreatMetrix adds additional context information to existing authentication applications and processes by providing deep intelligence about the device accessing the account and its behavior on-site and across the network.
Stop account login fraud based on device anomalies
- Go beyond browser fingerprinting technologies using patent-pending packet signature profiling to uncover device anomalies
- Go beyond IP Proxy detection to detect accounts accessed from behind hidden proxies
- Pierce proxies to detect the true IP address and true geolocation of the fraudsters computer to prevent access from unauthorized locations
- Detect account access from an infected computer known to belong to a botnet
- Prevent access from uncommon or suspicious computer configurations
Instantly recognize device, account and behavioral anomalies based on account login context
- Detect anomalous account access based on location, time and device forensics and behavior
- Use advanced device identification technology to detect unrelated account access from the same computer
- Create custom pattern and device recognition rules for account linking
- Score on custom attributes such as account age and account creation location to be included in real-time scoring models
- Leverage global network for detection of suspicious signup behavior
Leverage improved decision management tools to help you analyze, report and control account login fraud
- Intuitive SaaS portal and powerful reporting for trend analysis and optimization
- Customizable rules engine tailored to your application and business. Easily blacklist or whitelist device and transaction credentials
- Comprehensive API for real-time integration of scoring, reason code, device ID and underlying attributes into fraud, authentication and case management applications
Interrupt good customers less often by optimizing challenge and response requirements based on real-time feedback of device risk
- For password reset processes, has the device already been previously authenticated elsewhere on the site?
- Does the device and credentials have negative reputation across the network?
- Do device attributes and location correlation match previously known device profiles?
ThreatMetrix unique benefits for account takeover fraud
- Prevent losses due to fraudulent funds transfers and bill pays, not just monitor them
- Protect brand and reduce customer outrage
- Leverage global network intelligence without sharing personally identifiable information
- Integrate authentication intelligence with the rest of your online business including new account origination and transactions
- Complement your existing investment in authentication and case management tools
