Paybefore: Viewpoint: Don’t Fear the Breacher

June 16 — Viewpoint: Don’t Fear the Breacher

It’s little wonder that any organization that touches sensitive customer data is suffering a serious case of breach phobia these days. An article by Ryan Wilk, VP at NuData Security.

Account Takeover and New Account Fraud: The New Black

Fraudsters can—and will—use stolen credentials to log onto an online account and then masquerade as the legitimate user. The bad actor then can transfer funds, use the payment method on file to make a high-value purchase or simply cover up fraudulent transactions. This is what’s known as account takeover fraud, and it’s become relatively easy through a number of common practices, including cycling through easily remembered passwords like “Password123,” or words like a victim’s child’s name, street name, birth dates or other data socially engineered from public profiles.

“Account takeover and new account fraud are expected to increase by 60 percent in the next three years, resulting in a loss of some $8 billion.”

This type of fraud shows no sign of stopping anytime soon for two primary reasons. For one thing, passwords aren’t sufficient to keep a user’s account secure. The second reason has to do with how traditional fraud-prevention systems work. These tools primarily use rules-based systems to analyze payment and personal identification information—they lack the ability to determine if a user accessing an account is in fact the real user of that account.

These systems do help apprehend some forms of fraud, but they aren’t enough.

For the complete article, go here.