May 4, 2020
Account Takeover (ATO) attempts can strike unexpectedly and leave many unsuspecting consumers with depleted accounts, and businesses facing not only the loss associated with the takeovers, but also brand reputation damage. When unauthorized users gain access to accounts, the value – whether that’s points or actual dollars – can be drained. The latest ATO attack to steal headlines occurred in April.
More than 160,000 Nintendo Network accounts were impacted by hacking attempts. A recent article describes how Nintendo login IDs and passwords obtained illegally were used to gain access to the accounts. Nicknames, date of birth, country, and email addresses may have been accessed during the breach and some account owners are reporting their accounts have been used to buy digital goods. Nintendo is in touch with affected users to investigate and address any fraudulent purchases made with value in the impacted accounts.
This is yet another example of how account takeover is becoming more prevalent, and it illustrates why businesses need to protect themselves and their customers with an ATO prevention solution.
As fraud grows more sophisticated and exploits vulnerabilities beyond payment transactions, it is critical that companies adopt an account protection solution that stops malicious logins, protects against bots, and enables personalized customer experiences.
Hackers rely on multiple methodologies to attempt illegal access to accounts
Hackers rely on sophisticated techniques to access accounts. A few of these include:
- Credential stuffing – A type of cyberattack in which stolen account credentials, typically lists of usernames and/or email addresses with their corresponding passwords, are used to gain unauthorized access to user accounts through large-scale automated login requests directed against a web application.
- Bots (bad bots) – A bot is a software application that runs automated tasks (scripts) over the Internet. Typically, bots perform tasks that are simple and structurally repetitive, at a much higher rate than a human alone could manage. Not all bots are bad; however, an effective ATO solution can tell the difference.
- Brute force attacks – An attacker systematically submits hundreds or even thousands of passwords or passphrases against a single user ID until the correct combination is found. The attacker may use a machine or algorithm with a dictionary of commonly used passwords, or may draw on information gathered about the target (birthday, kid’s name, sites you’ve visited) to try to crack the account.
- Password spraying – A type of brute force attack in which the hacker tries to gain access to an organization’s systems by testing a small number of commonly used passwords against a large number of accounts, on the assumption that within a large group of people there is likely to be at least one using a common password.
An ATO solution that delivers adaptive protection
Kount has developed an adaptive solution to ATO – Kount Control – that combines three key layers to deliver protection against the latest account takeover attacks and enable personalized customer experiences. The solution includes a protection layer, policy customization to fine-tune protection, and reporting / data presentation to uncover trends.
How does ATO protection work?
The protection layer of Kount Control evaluates user behavior and device and network anomalies to detect high-risk, anomalous login activity such as bots, credential stuffing and brute force attacks. The number of different usernames coming from a single device within the last minute, or the number of different devices used with a single username within the last hour, can be indicative of fraudulent activity. Kount determines in real time whether a login should be allowed, declined, or challenged with step-up authentication.
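As an added illustration (not Kount's code), the two velocity signals named above implemented as sliding-window checks over constructed login events; the thresholds, the allow/challenge/decline mapping and the event format are assumptions:

```python
from collections import defaultdict, deque

# Sliding-window velocity checks for the two signals named in the text: distinct
# usernames per device in the last minute (credential-stuffing pattern) and
# distinct devices per username in the last hour. Thresholds are assumptions.
USERS_PER_DEVICE_LIMIT = 5   # reached within 60 s  -> decline
DEVICES_PER_USER_LIMIT = 3   # reached within 3600 s -> challenge (step-up auth)

def _distinct_in_window(history, now, window_seconds):
    """Evict entries older than the window, then count the distinct values left."""
    while history and history[0][0] < now - window_seconds:
        history.popleft()
    return len({value for _, value in history})

class LoginVelocityMonitor:
    """Classifies each login as allow / challenge / decline; events in time order."""
    def __init__(self):
        self.users_by_device = defaultdict(deque)  # device -> deque of (ts, username)
        self.devices_by_user = defaultdict(deque)  # username -> deque of (ts, device)

    def decide(self, ts, username, device_id):
        self.users_by_device[device_id].append((ts, username))
        self.devices_by_user[username].append((ts, device_id))
        users = _distinct_in_window(self.users_by_device[device_id], ts, 60)
        devices = _distinct_in_window(self.devices_by_user[username], ts, 3600)
        if users >= USERS_PER_DEVICE_LIMIT:
            return "decline"    # one device cycling through many accounts
        if devices >= DEVICES_PER_USER_LIMIT:
            return "challenge"  # one account seen from unusually many devices
        return "allow"

def evaluate_logins(events):
    """Run the monitor over (ts, username, device_id) tuples and return the verdicts."""
    monitor = LoginVelocityMonitor()
    return [monitor.decide(*event) for event in events]

# Constructed sample login events (epoch seconds, username, device id).
SAMPLE_EVENTS = [
    (0, "alice", "dev-A"),                                 # ordinary login
    *[(100 + i, f"user{i}", "dev-X") for i in range(6)],   # stuffing burst
    (200, "bob", "dev-B"),                                 # bob: 4 devices in an hour
    (1200, "bob", "dev-C"),
    (3000, "bob", "dev-D"),
    (4500, "bob", "dev-E"),
]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE_EVENTS, evaluate_logins(SAMPLE_EVENTS)):
        print(event, "->", verdict)
```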
Unlike other solutions, Kount Control provides a rich set of essential data for delivering adaptive friction with the necessary precision. This dataset includes user type, device specifics, IP risk, geolocation, custom data, and more. Kount’s device and account intelligence analyzes trust and risk signals along with account behaviors to deliver the appropriate response. By linking detailed data such as trusted device status, IP addresses, mobile and proxy indicators and more, Kount helps ensure that the execution of user authentication policies is truly trust based. It creates a welcoming experience for known customers and protects against fraudulent account access.
Kount Control is the only ATO solution built on the Identity Trust Global Network, linking risk and trust signals from location data, digital identifier data, and unique customer data to enable accurate account protection in real time. Linked by AI, the Identity Trust Global Network combines signals from 32 billion annual interactions, and across 75+ industries and 250+ countries and territories, to block fraud in real time and to enable personalized customer experiences.