Graph-centric Fraud Prevention: From Trusted Account Opening to ATO Fraud Protection
Most eCommerce authentication systems don’t verify identity at login. This is problematic, because when credentials get hacked or stolen, merchants can't see who is operating behind a legitimate login. Unfortunately, biometrics can also be hacked and stolen, or associated with rogue users who have compromised accounts.
This is why the need for identity assurance is paramount.
This informative presentation highlights how people commit ATO fraud, and how identity-based authentication and NIST 800-63-3 and FIDO2 standards can be used to counteract these attempts.
Some content is hidden, to be able to see it login here Login
Host a Webinar with the MRC
Publish Your Document with the MRC
This webinar discusses how email verification and fraud prevention solutions can help businesses improve their email deliverability rates, reduce spam, and increase ROI while protecting their email reputation by identifying spam traps. As well as the benefits of having a frictionless user experience for businesses.
This webinar will cover key learning points, including:
- The benefits of email reputation scoring in identifying fake accounts, high-risk payments, chargebacks, bots, and similar high-risk behavior.
- Leveraging email intelligence to identify newly created email addresses, bot-generated accounts, and high-risk behavior.
- How email verification and fraud prevention solutions can help businesses improve email deliverability rates and inboxing rates (less hitting of the spam folder). This can in turn boost customer engagement and revenue.
- The role of fraud prevention solutions in identifying and preventing fraudulent activity related to email, including phishing attacks, account takeover attempts (ATO), business email compromise (BEC), and other scams.
- How fraud prevention solutions can help businesses achieve a frictionless user experience while maintaining strong security measures. This reduces the risk of fraud while improving the customer experience.
The email address still reigns in our increasingly digital-first transactional society. From opening bank accounts and credit cards to establishing app and ecommerce profiles, the email address remains a central proxy for identity.
Since the pandemic, digital transactions have increased exponentially, along with malicious activity throughout the customer journey. Companies are challenged to identify and address potential fraud with each account origination, app download, transaction, or account change. With email intelligence data and the right workflows companies can combat these threats.
AtData, along with Spec, will show you how to easily and quickly use email data to seamlessly manage risk throughout the customer journey.
- Making your first-party digital data work for you
- Preventing fraud from initial engagement to loyal customer transactions
- Improving speed to implementation of fraud prevention strategies
- Best practices for a frictionless customer journey
Sift's Brittany Allen will provide a transparent look into how merchants can tackle one of the most challenging forms of fraud. With real use cases of collusion fraud from across multiple companies' experiences, plus examples of criminal chatter from the deep and dark web, attendees will leave with clear takeaways to improve their own team's fraud prevention processes by leveraging internal data, machine learning, and partnering with knowledgeable fraud fighters.
During the session, Brittany will discuss the inner workings of the most prevalent and emerging types of fraud marketplaces encounter, including:
ATO's and Merchant Fraud: Whether it's a new account or the ATO'd account of an inactive seller, we'll cover the potential risk of marketplace collusion.
BNPL Fraud: A fraudster controlling both a seller and buyer account who selects installment payments at checkout, eventually building to $200,000 in payouts.
Empty Package/ Item Not Received Fraud: As a marketplace, when it comes to empty package claims, how do you know which side to believe? And what if both sides are actually fraudulent and your marketplace isn't the target, but the postal service is?
Voucher and Points Cashout: How to prevent fraudsters from abusing vouchers and promos.
The dramatic shift to online shopping means retailers see their customers less than they ever have. Additionally, with daily data breaches and lax password security, account credentials are readily available for purchase.
This is a boon to fraudsters looking to pose as legitimate customers. So good in fact, that from 2019 to 2021, identity theft increased 81.8% globally. For too long, organizations have played defense and responded to suspicions of fraud reactively. It’s time to start establishing digital trust with customers early in the journey, just like retailers would do in the day when they knew their customers personally.
Identity is at the root of all fraud. Merchants that can safely trust their customers' identities will reap the benefits. First, they can greatly reduce the impact of fraud on the business. Second, they have more—and better—data for reducing customer friction, increasing loyalty and targeting sales or marketing efforts more effectively.
So how can merchants know for certain a customer is who they claim to be?
Traditional identity verification (IDV) solutions validate some customer attributes, but these are no longer enough to establish trust. To establish that an identity can truly be trusted, it’s imperative to take a more holistic look and verify the connections between that data and the person claiming to be a customer.
Professional fraudsters can try to impersonate legitimate customers, but they can’t create trusted identities. Even synthetic identities fail when exposed to this scrutiny.
This is why trusted identities offer a safer approach to IDV. By identifying trust, the company focuses less on behaviors and more on the individual making purchases.
27% of the global merchants that participated in MRC's 2022 Global Payments and Fraud Report experienced some form of ATO fraud, and this attack method now ranks as the fifth most prevalent for North American merchants. This session will explore some of the inventive ways that accounts-based attacks are carried out and monetized. We will deep-dive into the strategies merchants can employ to reduce their exposure to ATO fraud, to better protect customer accounts and their own brand.
Wix helps people create professional websites to manage and grow their businesses, providing a world-class platform to over 234 million users in 190 countries. Wix’s merchants use the platform to build and run digital storefronts - collecting payments through Wix Payments.
This setup is great for Wix’s users, but comes with challenges on the side of fraud and risk. Wix needs to validate merchants to prevent seller fraud, and help merchants to ensure that their customers are legitimate as well. All without contributing off-putting friction for merchants or customers. Adding to the challenge, Wix aims for zero false declines.
Intrigued by how they pull this off? Attend this session to find out how, using an anonymous identity validation network, they put into practice their motto that success on one side supports success everywhere in the business.
Journey Orchestration has become a "buzz-term"; in fraud prevention, but what does it actually mean and why does it matter? In this webinar we'll take a look at some of the key fraud use cases, and unpick how viewing these via the lens of customer journey orchestration, rather than a point-in-time risk assessment, can make a huge difference to revenue and customer experience.
- How is Account Takeover influenced by behavior pre-authentication?
- Why does understanding bot behavior help better prevent New Account fraud?
- What makes purchase scams unique in the fraud prevention world, and how can they be detected and blocked?
- Have a new understanding of some common fraud threats, and why they have become harder to tackle
- Be able to articulate why understanding user behavior across an entire digital session, rather than at a moment-in-time, is important
ATO's (or account takeovers) are not a new method, however these methods have been seen more and more in the last couple years.
What is it?
- An "account takeover" is the term applied to the fraud method wherein a unauthorized user gains access to an established account. This is done in many different ways, and with many different intentions in mind.
Why is this valuable to a fraudster?
- Different industries offer perks to account holders in different ways. The value of these offerings is what fraudsters are after.
- Once an ATO exploit has proven successful, the method becomes a standard operation for identity criminals until it no longer works.
Who does it Affect?
- Depending on the type of account, the affected entity will change:
- Banks account will be drained over time, but the true account holder can report that losses and recover funds.
- Conversely, crypto accounts are not as forgiving.
- Merchant account profiles that are used to process stolen payment information will affect the merchant by way of chargebacks.
Now, the Prevention Strategy
- Data is your friend when seeking to identify ATOs early on.
- Expansive datasets include PII, Biometrics, Behavioral Analytics, Device Fingerprinting and more.
After attending this webinar, attendees will learn why ATO is valuable to fraudsters, how ATO works, who ATO affects, and how to prevent ATO with online identity.
Bots are one of the main weapons of choice of bad actors, particularly for malicious activities such as account takeover fraud (ATO) and identity theft. Versatile and adaptable, bots can stage a wide range of malicious activities, ranging from credential stuffing attacks using information exposed in data leaks to the creation of multiple online identities.
For businesses, the combination of bot threats can pose serious problems - especially when it comes to customer satisfaction and company reputation.
This webinar will discuss how bots attack, the negative consequences they can have on an organization and how merchants can protect themselves.
1. How bots attack (and types of bots)
2. The cost of bot fraud
3. Examples of ATO bot attacks
4. How businesses can fight back
Join LiMeng Lee, Chief Strategy Officer at Razer and MRC APAC Advisory Board Member, and Gene Yu, CEO of Blackpanda (a cyber crisis management firm that offers top-tier cyber-attack containment and investigative services in the event of a data breach) as they demonstrate the importance of having a cybercrime crisis management or incident response plan in place before the incident or event occurs.
LiMeng and Gene will highlight the necessary steps which should be undertaken to set up your incident response strategy, they will also highlight the immediate activities which should take place in the wake of an incident occurring.
The viewer, upon listening to the webinar, will have a basic understanding of the importance of implementing the prevention plans outlined, and were recruiting a third-party consulting company to assist in setting these plans up can help.
It’s Time for a New Approach: Digital trust and safety is shaping up to become a critical, revolutionary issue for online organizations, communities and everyday users. The online world depends on being able to move forward with trusted interactions, which are only possible when you know who is real and who isn’t. The value of trust far outweighs the cost of fraud. Organizations that can successfully identify trust in online interactions will improve the customer experience and strengthen brand loyalty while extending customer lifetime value.
At the core of trust in online engagements is digital identity verification. And at the core of identity verification is identity trust. If a user’s identity can’t be verified, how can that user be trusted? Even with verified identities, it’s even more important to establish that the individual behind the identity can be trusted. This guide provides best practices any organization can follow to develop effective trust and safety initiatives to protect their platform and their users.
Putting digital trust and safety into operation is a daunting job. It affects everything from the development of online products to setting standards, deploying internal teams and enforcing policies. It’s also too big of a job to do alone. Implementing an effective digital trust and safety culture requires partnering with social, government, law enforcement and technology organizations. These third parties can share useful information and meaningful insight around risk and best practices.
How iGaming Industry Growth and Fraud Correlate:
The global online gambling market size has a compound annual growth rate of 13.2%. Driven by the popularity of mobile gaming, the market value is projected to generate just over $117 billion by 2025.
This massive industry growth has led to fraud increases. For example, bonus abuse rose 72% between 2018 and 2019, and account takeovers increased by 90% from 2020 to 2021, costing an estimated $11.4 billion in damage. Balancing fraud prevention with a positive customer experience is a big challenge for operators. But there is a solution. And awareness of common types of fraud and how to stop them is the first step.