Identity-Based Attacks - Trends and Evolving Threats
This session will delve into the real impact of identity-based attacks, drawing from ITRC's work providing assistance to victims of identity compromise, and ITRC’s published research reports. It will cover insights on the latest data breaches that fuel identity fraud, and attack trends across ecommerce, social media, online dating, etc. The session will explore how bad actors circumvent multi-factor authentication to gain access to accounts and conduct malicious scams.
Some content is hidden, to be able to see it login here Login
The email address still reigns in our increasingly digital-first transactional society. From opening bank accounts and credit cards to establishing app and ecommerce profiles, the email address remains a central proxy for identity.
Since the pandemic, digital transactions have increased exponentially, along with malicious activity throughout the customer journey. Companies are challenged to identify and address potential fraud with each account origination, app download, transaction, or account change. With email intelligence data and the right workflows companies can combat these threats.
AtData, along with Spec, will show you how to easily and quickly use email data to seamlessly manage risk throughout the customer journey.
- Making your first-party digital data work for you
- Preventing fraud from initial engagement to loyal customer transactions
- Improving speed to implementation of fraud prevention strategies
- Best practices for a frictionless customer journey
Hear from the FIDO Alliance and its stakeholders to get a deep-dive into the topic of passwordless authentication. Hear how major merchants and online service providers are actively collaborating on making web logins more secure and usable for all consumers. We will discuss challenges with legacy approaches; the move away from passwords; and new technologies that are emerging to support this. We will look at this in the context of consumer preferences and regulations.
Hear from authentication experts on theimpact of strong Customer Authentication mandates on key merchant KPIs, such as fraud rates and authorization rates. Expert advice on lowering challenge rates while remaining compliant and understanding good user behavior.
This future-gazing session will feature key players from the payments ecosystem to explore prominent authentication trends. We will delve into the potential to revolutionize fraud rates, user experience, and conversion rates by adopting a holistic approach that utilizes data across the entire lifecycle of identity verification, authentication, payment authorization, and dispute resolution. Engage in discussions about the longevity of SCA and explore emerging authentication protocols such as passwordless and delegated authentication.
There are no related Surveys
ATO's (or account takeovers) are not a new method, however these methods have been seen more and more in the last couple years.
What is it?
- An "account takeover" is the term applied to the fraud method wherein a unauthorized user gains access to an established account. This is done in many different ways, and with many different intentions in mind.
Why is this valuable to a fraudster?
- Different industries offer perks to account holders in different ways. The value of these offerings is what fraudsters are after.
- Once an ATO exploit has proven successful, the method becomes a standard operation for identity criminals until it no longer works.
Who does it Affect?
- Depending on the type of account, the affected entity will change:
- Banks account will be drained over time, but the true account holder can report that losses and recover funds.
- Conversely, crypto accounts are not as forgiving.
- Merchant account profiles that are used to process stolen payment information will affect the merchant by way of chargebacks.
Now, the Prevention Strategy
- Data is your friend when seeking to identify ATOs early on.
- Expansive datasets include PII, Biometrics, Behavioral Analytics, Device Fingerprinting and more.
After attending this webinar, attendees will learn why ATO is valuable to fraudsters, how ATO works, who ATO affects, and how to prevent ATO with online identity.
With the upcoming 3DS1 decommission planned in Oct’22, it’s important for merchants to plan their authentication strategy to not just process EMV 3DS transactions but optimize the entire payment experience.
To find out, join Gautam Pande – Director, Product Management, Identity Solutions at Mastercard to provide key considerations ahead of the 3DS1 Decommission & share updates of the Identity Check platform to enable seamless digital commerce
- Find out what to expect after the decommission date
- Be able to understand key changes in EMV 3DS 2.2
- Understand Mastercard’s Smart Authentication Platform
- Preview the Identity Check Express and the customer journey
Putting digital trust and safety into operation is a daunting job. It affects everything from the development of online products to setting standards, deploying internal teams and enforcing policies. It’s also too big of a job to do alone. Implementing an effective digital trust and safety culture requires partnering with social, government, law enforcement and technology organizations. These third parties can share useful information and meaningful insight around risk and best practices.
It’s Time for a New Approach: Digital trust and safety is shaping up to become a critical, revolutionary issue for online organizations, communities and everyday users. The online world depends on being able to move forward with trusted interactions, which are only possible when you know who is real and who isn’t. The value of trust far outweighs the cost of fraud. Organizations that can successfully identify trust in online interactions will improve the customer experience and strengthen brand loyalty while extending customer lifetime value.
At the core of trust in online engagements is digital identity verification. And at the core of identity verification is identity trust. If a user’s identity can’t be verified, how can that user be trusted? Even with verified identities, it’s even more important to establish that the individual behind the identity can be trusted. This guide provides best practices any organization can follow to develop effective trust and safety initiatives to protect their platform and their users.
Better fraud prevention, all around.
Many organizations rely on two-factor authentication (2FA) using one‑time passcodes (OTPs) sent by Short Message Service (SMS) to authenticate banking and ecommerce transactions. 2FA performed this way can be fast and easy, but SMS wasn’t designed to be a security tool.
Learn how your organization can leverage voice biometrics to protect customers and your brand by building the highest levels of protection, trust and loyalty.