ATO and NAF Fraud Infographic

Is it your user?

ATO-infographicFINALA Walkthrough ATO and NAF with NuData
Account fraud continues to grow at an exponential rate, and will continue to grow until we rally together to put an end to the fraud. NuData is highlighting the ever-growing problem of account takeover (ATO) and new account fraud (NAF) and describes a proven solution to combat this costly issue.

Account takeover can happen when a fraudster or cyber criminal poses as a genuine customer, gains control of the account and then makes unauthorized transactions, which they can continue to do as long as the fraud remains undiscovered, sometimes for months or longer. It is one of the key forms of identity theft. These bad actors will steal an established account with personally identifiable information (PII) attached to it. This could include an airline account, a retail account, a bank account or more (Target, Amazon, etc) or other types of accounts. New account fraud is when the fraudster uses legitimate PII to open new accounts, fill out load applications or takeover IRS accounts.

The first step to accessing this PII information is often from breaches or malware, where the data is stolen and then posted for sale on the dark web. This is why it’s important to understand that breaches not only cost in terms of dollars, they are also a door for fraudsters to gain access to take over accounts.

Can You Trust It’s Your User?

The first part of the infographic points out the frequency of ATO and NAF, that it’s a growing global epidemic, and that it’s getting harder to separate the wheat from the chaff when it comes to trusting the users behind account logins and creations. We can also see the impact in terms costs to US business, and the dollars at stake from the global transaction bucket, and what the financial impacts of ATO and NAF are estimated to be in the future. We also see that a large percentage of all transactions are reviewed and this can have a large impact on costs.

Risk of Account Fraud is Growing

Next, we dive into some of the findings that NuData has seen across our customer base comprising of tens of billions of behavioral events and transactions analyzed between 2015 through 2016. This data underpins the fact that we are seeing a 48.4% increase in fraudulent login attempts in the last year. A massive 50% of all new account creation attempts over the same period were fraudulent.

Bad Guys Are Winning in Plain Sight

We detect fraudulent activities across hundreds of signals. For example, some signals that may indicate New account fraud could include several behavioral indicators such as the country of origin amongst other signals. While detecting the source of an attack can be difficult — cyber criminals can launch online assaults from infected computers around the world — knowing the country of origin can provide an important clue in ultimately determining the identity of the entity.

What makes account fraud so prevalent and gives the fraudsters such an edge at the moment is the availability of cheap account credentials on the dark web where fraudsters can go and buy legitimate functioning account usernames, passwords and more specifically intended for account fraud. The cost of these credentials fluctuate daily and show that account fraud has been monetized, and is cheap and lucrative.

Behavioral Biometrics Solves Identity

The infographic then covers the solution. The benefits of behavioral biometrics in terms of solving the “identity problem”. Behavioral biometrics monitors behavior over time and learns how the real user behaves and can determine from this behavior what is good activity, and what is not, in real-time.

The behavior tree is a conceptualization of how every human is associated with hundreds of behaviors and connections online. We use this to determine who is a real human, and who is likely a machine or a bad guy because we know how humans behave (not like machines and not like the genuine user).

The NuData Solution

The multi-layered nature of the NuData solution means that it uses several integrated technologies rather than just a single source (such as geography, or device). NuData monitors hundreds of behavioral signals providing billions of behavioral profiles of genuine users, and their digital identities.

“Did you know” facts

A shockingly unsurprising (*facepalm moment) 55% of online users still are using the same password for most of their online accounts. We have found in our research that ATO and NAF attacks typically start with malware or data breaches, and involve a high percentage of account testing type behavior. It is important for companies to understand while considering a solution to online fraud that 32% of customers will stop shopping after a false positive (denial of their transaction) and this usually is the result of security that is either too strong, not sensitive enough, or not tuned properly.

We are also tracking a dramatic (250%) short-term increase in spoofing attempts in 2016 (Proxy’s, TOR networks & provisional emails). This is an important factor of account takeover where fraudsters will attempt to use valid account credentials with these spoofed emails.

We’ve found in our data that accounts created late at night are more likely fraudulent and fraudsters take great pains to conceal their locations. We also show that a visual representation of how behavioral biometrics works in a similar way to radar, or a fish finder, always looking for good users (and finding the bad ones along the way).

Our data team surprised themselves with a thought exercise. Taking into account all the behavioral events we monitor, such as logins and form fills, we then applied a realistic time-frame to them (for example, logins take an average of 80 seconds). We extrapolated how much time this would account for in years. This fun fact shows the breadth of all of just how many events we monitor in only one month – each and every month and growing exponentially!

To download the infographic go here.
To view the reference document go here.
Want to read more posts like this? See our full blog here.