Account Takeover ATO Fraud Protection

What Is Account Takeover Fraud?

Account takeover fraud occurs when a human, bot, or botnet uses stolen or hacked credentials to access legitimate customer accounts. Those accounts can then be used to drain monetary funds or loyalty points, steal customer data, or to purchase goods or services. This type of fraud can have devastating, long-term impacts on businesses: Beyond lost revenue, account takeover fraud causes brand damage, and can permanently erode the trust of good customers.

How It Works

Adaptive Authentication for Account Logins

Kount Control’s adaptive authentication takes an intelligent, multi-layered approach to protect against account takeover attacks and deliver frictionless customer login experiences. This approach allows businesses to customize their passive authentication account login protection policies and choose from several multi-factor authentication (MFA) options when login activity needs to be challenged. Then businesses can use Kount Control’s reporting and data presentation layer to uncover trends that can inform future policies and further improve customer experiences.

Account Takeover ATO Adaptive Authentication

Protection That Adapts

Kount Control’s AI-powered passive authentication protection layer starts working the moment the customer lands on the login page. It evaluates the user’s behavior and device, as well as any network anomalies that might indicate high-risk activity from bots, credential stuffing, and brute-force attacks. Then Kount’s device and account intelligence analyzes trust and risk signals in real time to allow, deny, or challenge the user’s login activity.

Linking data like trusted device status, IP address, and mobile network and proxy indicators allows Kount to execute risk- and trust-based user authentication policies. In the end, Kount Control creates a welcoming experience for known customers and intelligently protects against malicious login attempts.

Learn more about Adaptive Authentication from Kount Control

Download the data sheet

Step-up Authentication

The step-up authentication layer allows businesses to use two forms of MFA to challenge login activity. A business’s account security requirements will determine if it needs to challenge all login activity with step-up authentication via Control’s policy settings. Kount Control’s MFA options take authentication security to the next level by verifying users through a one-time passcode (OTP) via email or SMS.

Kount Email MFA for one-time passcodes (OTP)

Kount Email MFA challenges the user by sending a numeric passcode to the email address associated with the user account. If the user can then retrieve and enter the passcode, they can prove that they’re the owner of the registered email account. Kount Email MFA uses this knowledge to further authenticate and verify the user’s identity.

Equifax Secure MFA

For use cases that require additional security or mobile-first support, Kount customers can use Equifax Secure MFA alongside Kount Control. Equifax Secure MFA links a user’s mobile number and device or SIM card through a dynamic hyperlink delivered via SMS. This MFA option confirms that the user engaging with the business application possesses the device and SIM associated with the phone number, providing an additional layer of identity trust.

Adaptive Friction

In the policy and customization layer, Kount Control provides the capability to customize user experiences and reduce friction by identifying and segmenting users based on common characteristics, such as VIP or trial users. Unlike other solutions, Kount Control provides a rich set of essential data for delivering adaptive friction with the necessary precision. This dataset includes user type, device specifics, IP risk, geolocation, custom data, and more.

Reporting and Data Presentation

The reporting and data layer of Kount Control provides multi-dimensional data and real-time reporting, revealing valuable customer insights that can be used to fine-tune business policies and provide customized experiences. Login trend data, including device and IP information, is rarely available to fraud teams. With the ability to quickly identify and report on failed login attempts, risky IPs, compromised accounts, and inbound anomalies, businesses can stop account takeover attempts, and uncover trends that enrich their own data and inform future policies.

Kount’s solution also provides rich data about each login event, including device information, the trust status of the device, and geolocation to more accurately identify a returning customer so that the right level of friction can be applied at the time of login.

Identity Trust Global Network^TM

Kount Control is the only Account Takeover Fraud solution built on the Identity Trust Global Network, linking risk and trust signals from location data, digital identifier data, and unique customer data to enable accurate account protection in real time. Linked by AI, the Identity Trust Global Network combines signals from 32 billion annual interactions, and across 75+ industries and 250+ countries and territories, to block fraud in real time and to enable personalized customer experiences.

Account Takeover Fraud Protection