Account Takeover - What to Watch Out For

By Catherine Tong, Vice President & General Manager, Accertify EMEA July 17, 2015

Share:

Data is being compromised by some significant data breaches, and phishing attacks are on the increase.

The reality is, many people use the same password and this gives fraudsters free reign across all their accounts. The impact of this can be anything from stealing loyalty points, to placing unauthorized transactions.

Takeover is hard to spot. Customers who have never been a problem in the past suddenly are. Some watch-outs for you to consider:

  • Review and update your positive lists regularly – would you spot it if a customer turned bad?
  • Ensure your review process has ways to contact genuine customers, not just numbers provided in the transaction being reviewed
  • Ensure you have change detection rules in place for changes  to account details, i.e. email addresses, IP address, device ID

Spot changes in purchasing behavior – compare current transaction value to historical purchase values; digital content versus physical content; different city pairs for travel; different types of events for ticketing.

Posted in

About the Author

Catherine has over 15 years' experience fighting the bad guys from many angles, as a merchant, consultant and vendor. She also leads the Accertify EMEA team and is a member of the European MRC Board.