NuData Security’s statistics for 2017 paint a worrying picture of the account takeover landscape
San Francisco, CA and Vancouver, British Columbia (April 17, 2018) – NuData Security, a Mastercard company, and a leader in the field of passive biometrics, announced today that they have identified a series of changes in account creation and takeover.
In 2017, across its billions of events, NuData Security flagged 40% as high-risk. Additionally, a sizeable rise in account takeover was noted, increasing ten times in 2017 compared to 2016. On average, logins deemed high risk now account for half of all login attempts, compared to 15% of all login attempts in 2016.
Account takeover is notoriously difficult to combat, as companies can’t discern between legitimate and fraudulent users – as they are both presenting correct credentials. Ryan Wilk, Vice President at NuData Security believes this is an indication of “how easy it has become for fraudsters to access personally identifiable information (PII) online. As data breaches continue to break records year over year, more and more PII becomes readily available for fraudsters to access on the dark web. With the password and credential reuse, and the wealth of available credentials, it is not surprising that we have seen such a stark increase.”
NuData Security also identified that the total purchases across their client base had doubled from 2016 to 2017, with the number of purchases made with flagged credit cards also doubling accordingly. This increase can be linked to the rollout of EMV in the U.S. Chip cards make it harder for bad actors to commit fraud in the card present environment, creating a shift towards card not present where they can try different techniques.
“Traditional models of account access are being bypassed by bad actors over and over”, Wilk continued. “Due to the easily-available stolen credentials, companies can no longer trust the users behind the device, making trust the key problem in the online ecosystem. To prevent the 2017 numbers from repeating in 2018, companies should review their authentication frameworks and make sure they have multi-layered solutions that include physical and passive biometrics technology.”
NuData also released statistics regarding mobile phone events, showing a 150% increase in total mobile phone events, with 30% of those being considered high risk.
NuData Security is a Mastercard company. It helps businesses identify users based on their online interactions and stops all forms of automated fraud. By analysing over 200 billion events annually, NuData harnesses the power of behavioral and biometric analysis, enabling its clients to identify the human behind the device accurately. This allows clients to verify users before a critical decision, block account takeover, stop automated attacks, and reduce customer insult. NuData’s products are used by some of the biggest brands in the world to prevent fraud while offering a great customer experience.