How can retailers prevent account takeover fraud?

Account takeover fraud occurs when an illegitimate user logs in to a genuine customer account to buy goods and services without the account-holder’s authorisation.

There are various ways fraudsters can obtain login details: through the black market, lax password security, malware or phishing attacks.

Once the fraudster gains access to a legitimate account with a good history and trusted standing, it is difficult for the account holder and the retailer to realise what is happening in time to prevent losses. By the time they do, the damage is already done.

Risk Ident chief executive Roberto Valerio says: “Signs of account takeover can include conspicuous behaviour during the login process, like an unusual number of failed attempts, or a password change followed by unusual customer behaviour.

“It could also feature deviating behaviour like unusually expensive or high-volume purchases. If login attempts are detected from different devices, browsers and places, or if purchasers are trying to conceal their location, these can also be warning signs of potential account takeover fraud.”

Evolving threat

Valerio highlights that the problem lies in fraudsters constantly changing their strategies and trying out new methods.

Rule-based anti-fraud systems can be set up to watch for these suspicious trigger points, but they can too often cause costly false positives for retailers (declining legitimate purchases that have been wrongly identified as criminal), damaging the customer experience.
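The false-positive problem described above, as an added example (not from the article or from Risk Ident): a single-trigger rule declines a customer who mistyped a password three times, while a weighted score over the warning signs quoted earlier lets that order through and still stops the takeover. The thresholds, weights, event names and sample sessions are assumptions constructed for illustration.

```python
# Assumed thresholds and weights for illustration; tune on real data.
MAX_FAILED = 3      # failed logins before the signal fires
SPEND_FACTOR = 5    # purchase this many times the usual order value
WEIGHTS = {"failed_logins": 1, "new_device": 1,
           "password_changed": 2, "unusual_spend": 2}
REVIEW_AT, DECLINE_AT = 3, 5

def signals(events, usual_order_value, known_devices):
    """Return the set of warning signs present in one session's events."""
    found, failed, pw_changed = set(), 0, False
    for kind, detail in events:
        if kind == "login_failed":
            failed += 1
            if failed >= MAX_FAILED:
                found.add("failed_logins")
        elif kind == "login_ok" and detail["device"] not in known_devices:
            found.add("new_device")
        elif kind == "password_change":
            pw_changed = True
        elif kind == "purchase":
            # Simplification: a password change counts once a purchase follows it
            if pw_changed:
                found.add("password_changed")
            if detail["amount"] > SPEND_FACTOR * usual_order_value:
                found.add("unusual_spend")
    return found

def decide(found):
    """Weighted rule: act on the combination of signs, not on any single one."""
    score = sum(WEIGHTS[s] for s in found)
    if score >= DECLINE_AT:
        return "decline"
    return "review" if score >= REVIEW_AT else "allow"

def naive_decide(found):
    """Single-trigger rule: any warning sign declines the order."""
    return "decline" if found else "allow"

# Constructed sample sessions (not real data)
KNOWN_DEVICES, USUAL = {"laptop-1"}, 40.0
FORGETFUL = [("login_failed", {})] * 3 + [
    ("login_ok", {"device": "laptop-1"}), ("purchase", {"amount": 35.0})]
TAKEOVER = [("login_failed", {})] * 3 + [
    ("login_ok", {"device": "unknown-9"}), ("password_change", {}),
    ("purchase", {"amount": 900.0})]

if __name__ == "__main__":
    for name, ev in (("forgetful", FORGETFUL), ("takeover", TAKEOVER)):
        s = signals(ev, USUAL, KNOWN_DEVICES)
        print(name, sorted(s), "naive:", naive_decide(s), "scored:", decide(s))
```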

“Machine learning technology, based on developing computer programs, recognises patterns and regularities in datasets, and is then able to learn from that, continually creating new models and better, constantly evolving algorithms that help retailers stay a step ahead of the fraudsters,” says Valerio.