How to Prevent Cryptocurrency Account Takeover

Published on November 1, 2022 by Gergo Varga
Fraud prevention requires data. But data is increasingly protected by regulations.
How does it work, and what should you check before deploying an anti-fraud solution? All your questions are answered here.
For most online businesses, fraud prevention is part of their risk management strategy rather than a legal requirement. Companies tend to only think about fraud losses after they’re already operational and then deploy anti-fraud solutions to solve the problem.
There are, however, regulatory requirements designed to reduce fraud. You may have to meet those requirements depending on the sector you operate in.
If you are a payment provider, for instance, you will be asked to meet regulations such as PSD2’s Strong Customer Authentication requirements, deployed with the goal of reducing payment fraud.
When it comes to identity theft, a growing number of industries must ensure that they can verify customers’ identities to meet KYC verification requirements.
While, initially, only financial institutions needed to meet KYC and AML requirements, these days, you may also have to be compliant if you are a BNPL, iGaming operator, travel agency, real estate company, or other industry considered volatile.
A great way to learn if you should deploy anti-fraud measures is to go over our fraud risk assessment checklist here.
Partner with SEON to reduce fraud rates in your business with real-time digital footprinting, whitebox machine learning, and advanced APIs – including AML API.
Book a Demo
Yes. Fraud prevention solutions are designed to help you learn more about your users and customers and their behavior. This is a key part of what some regulators require when it comes to identity verification, authentication, and demonstrating a risk-based approach.
For instance, a fraud detection system can help with the following:
AML verification, which overlaps with other local requirements, such as the US’s Bank Secrecy Act (BSA) or Counter Financial Terrorism (CTF) measures, is a legal requirement that does not necessarily call for fraud prevention solutions.
However, it does require forms of identity verification and AML transaction monitoring, which some fraud prevention software can help with – since they already gather the data for KYC or to combat payment fraud.
In fact, because they are adjacent pain points, some fraud prevention companies, including SEON, also have AML-specific modules and solutions.
Ensuring that you do not help money being laundered is an increasingly stringent process, verified by a number of regulators around the world.
It’s also crucial to note that regulatory compliance is ever-evolving.
For instance, while the Financial Action Task Force (FATF) only used to recommend the implementation of a risk-based AML approach for banks and financial institutions, it now also targets companies such as BNPL or luxury retailers.
The short answer is that it depends. Drafting a contract with a fraud prevention vendor varies from one industry to the next and even from one country to another. What is certain, however, is that most of the legal grounds will cover data protection.
A fraud prevention solution needs your business data to work.
This may become a compliance issue if the data isn’t handled properly or if you do not explain how user data is shared in your privacy policy.
There are two key terms to understand in relation to data legislation, as defined in the GDPR but used beyond the EU as well:
Ensuring both your users and their data are protected is paramount when dealing with fraud prevention vendors.
The amount of data shared with the fraud prevention vendor as well as the way in which it is shared must comply with local data protection principles.
Therefore, the data processor’s privacy policy should cover the following:
Aside from consulting the fraud prevention vendor’s privacy policy, it’s also a good idea to look out for compliance certificates (see below).
Yes, fraud prevention is legal under the EU’s General Data Protection Regulation (GDPR) as well as, by extension, the UK GDPR. Recital 47 in the regulation states:
“The processing of personal data strictly necessary for the purposes of preventing fraud also constitutes a legitimate interest of the data controller concerned.”
It’s also important to note how the GDPR defines personal data, as found in Article 4 (1):
“Any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”
Some fraud prevention vendors go the extra mile by letting you delete data upon request. At SEON, you can do so easily with our Erase API, which is key when dealing with EU-based customers.
When it comes to compliance certificates, the number of acronyms can be overwhelming. These include SOC 2, ISO 27001 and more. Here are a few you could look out for:
iGaming companies should also look for licensed solutions – for instance, with The Service Industry Licensing Bureau (SILB).
Partner with SEON to be compliant and reduce fraud in your business with real-time data enrichment, whitebox machine learning, and advanced APIs.
Book a Demo
SEON is designed to turn your customer data into a treasure trove of information via data enrichment, which pulls a customer’s digital footprint without asking them for it. As a result, the data is real-time, actionable and much more difficult to falsify.
We also offer a specific AML module, which is designed to enhance anti-money laundering compliance with the data you already have.
A single email address, phone number, or IP address can help you tell the difference between high-risk customers and valuable users. This is ideal for PSD2 (soon to be PSD3) and to help streamline KYC compliance.
Importantly, SEON is:
You can read more information in our privacy policy, designed to give you complete peace of mind when it comes to data processing and compliance.
Showing all with `` tag
Click here
Gergo Varga is SEON’s Product Evangelist. With more than 10+ years of experience in the Hungarian and international risk management sphere, he has developed an astute knowledge of RiskOps and Open Source Intelligence. He is the author of SEON’s Fraud Prevention for Dummies guide.
The top stories of the month delivered straight to your inbox