Fighting ATO Attacks: Protect Your Brand and Customers
What will you get from this guide?
Stop Bad Actors From Accessing Your Store
Get insights to help you see through common
ATO tricks & improve detection efficiency
Enhance Customer Experience
Ensure that customer verification measures
don’t cause undo friction or dropoff
Protect Your Reputation
Defend your store against breaches that
can compromise customer data–and loyalty
Whenever a bad actor gains access to another party’s legitimate account, this is called an ATO. Not only are ATO attacks tough to spot, they can also cause a lot of harm beyond just stolen goods and chargebacks, including backlash from upset customers. In this guide, we dive into how these attacks manifest, and give tips for detecting and preventing them.
Online fraud is becoming more and more sophisticated, as cybercriminals try and keep a step ahead of fraud solutions and tools. One of the results of this arms race is the recent surge in ATO – account takeover – attacks, a form of fraud which is particularly difficult to detect. In 2017 ATO led to $5.1 billion in losses, a staggering 122% increase over the $2.3 billion lost in 2016.
Not only are ATO attacks tough to spot, they can also cause harm that goes beyond just stolen goods and chargebacks. Customers often leave credit card details saved in their store accounts, trusting merchants to guard them. In the event of a data breach, customers are left to deal with the fallout of having their personally identifiable information–PII– stolen. This could entail cancelling credit cards or dealing with identity theft. It can even be a struggle simply to regain control of their account: once fraudsters have accessed an account, they can lock the owner out by changing the security questions and passwords. In 2017, ATO victims spent an average of 15 hours resolving the fraud.
The damage for merchants is at least as grave. ATOs reflect very poorly on their brand, create a breach of trust with loyal customers, and can potentially lead to the loss of the entire lifetime value of affected customers.
In this guide, we’ll explain ATO attacks: how fraudsters get the credentials they need to access accounts, and their modus operandi once they’re in. We’ll also explain how to protect customer data, and your own products, from sophisticated ATO fraud. Finally, we’ll provide tips on creating a verification process that keeps bad actors out, without causing unnecessary friction to your good customers.