How to Prevent Cryptocurrency Account Takeover

by Gergo Varga
Knowing who your ecommerce customers are is the first step to reducing chargebacks and return fraud.
How can you trust they’re real? Detect identity theft as soon as possible.
Identity theft creates opportunities for fraudsters to appear legitimate online. They can use stolen IDs, credit cards, and even full ecommerce accounts to exploit your online store and make money.
This is what identity theft means for merchants:
It all adds up to give you every incentive to detect stolen, synthetic or fake identities as soon as possible.
Partner with SEON to reduce fraud rates in your business with machine learning, real time data enrichment and advanced APIs.
Book a Demo
For many online stores, the issue isn’t simply to detect bad users who rely on stolen identities; it’s also to do it without adding too much friction to the shopper journey.
As every online store owner will know, any obstacle between the user and their purchase leads to higher rates of cart abandonment and churn.
With the above in mind, here are options you have to validate user IDs without a heavy KYC process:
An important point to note is that not all suspicious card or IP data will point to identity theft. What this highlights, however, is that you should pay more attention at the checkout stage.
This is why identity theft detection is only as good as your risk management strategy. For most online retailers with an anti-fraud prevention system in place, this is where risk rules come into play.
When it comes to identity theft protection for ecommerce, all the risk rules you deploy will help answer the same question: is that person really who they say they are? Let’s look at three concrete examples.
We’ve covered the importance of understanding and enriching card data above, but here’s a real-life example that can help you see how that may help separate good from bad customers.
In the example above, we have a bad card payment with an incorrect CVV, but there may be worrying evidence if the US card user’s IP points to another country.
For instance, below we have set a rule to flag the sale whenever the card was issued in the US but the shopper’s IP is in Russia.
Of course, people do travel, and not everyone who uses a US card in Russia is a fraudster.
But the key is to be able to spot these potential red flags. Once we know this, we can take it into account together with hundreds of other data points to evaluate how risky the shopper in question might be.
This is an example of data enrichment based on an email address or phone number only.
A tool like SEON can check if they have been used to register to social media sites as varied as LinkedIn, Twitter, Patreon, Quora, Netflix, and Airbnb, among others.
Why is this important?
In today’s digital landscape, it’s extremely unlikely to deal with people who have no social presence whatsoever. While social media platforms tend to be location-specific, SEON can check 50+ networks worldwide, which should definitely raise red flags if no profiles are found at all.
Here again, a lack of social presence doesn’t necessarily mean your customer is using a stolen identity. However, it increases the chance that something fishy might be happening.
Understanding how users connect to your store is also a great way to learn who they are.
In the fraud detection world, this is done via device fingerprinting. The method allows you to learn to extract metadata on your customer’s software and hardware configurations.
How does this relate to identity theft?
Well, fraudsters must try numerous stolen identities before they can target your store. That means switching devices, browsers, and IP address constantly. Because it’s so time-consuming, they use tools such as emulators and virtual machines instead, which allow them to make it appear as if they’re different people.
Luckily for you, seeing that data in real-time can help you:
The latter is particularly effective when it comes to protecting user accounts. Is a loyal customer suddenly connecting with a brand new device, IP address, and paying with a prepaid card? You should be extra vigilant.
Partner with SEON to reduce fraud rates in your business by 70–90% on average, stopping identity fraud, chargebacks, account takeovers – and more.
Book a Demo
SEON offers a full fraud prevention solution for online stores, available via the end-to-end platform, APIs, as a Google Chrome plugin, or even a Shopify fraud detection apps.
The key is to give you as much data as possible to understand who your customers are – without having to ask for extra information.
You can use that data to:
The anti-fraud modules can be deployed at several touchpoints, including the transaction stage, signup, and even at login to ensure only your legitimate customers have access to their accounts on your platform.
Fraudsters can access ecommerce customer data from data breaches, using stolen IDs, or simply by stealing an ecommerce account. The latter is called an account takeover, or ATO attack, which your customers might also refer to as “account hacking”.
It is big business for criminals and can enable further fraudulent schemes. According to Statista, ecommerce fraud losses amounted to $20 billion in 2020–2021, partly fueled by identity fraud (25% of all fraud cases in the US and Canada).
Sources
Showing all with `` tag
Click here
Gergo Varga is SEON’s Product Evangelist. With more than 10+ years of experience in the Hungarian and international risk management sphere, he has developed an astute knowledge of RiskOps and Open Source Intelligence. He is the author of SEON’s Fraud Prevention for Dummies guide.
The top stories of the month delivered straight to your inbox