In an account takeover (ATO) attack, fraudsters use stolen credentials to hack into an authentic user account. Account takeover is challenging to stop as fraudsters use automated bots and scripts, manipulated digital identities, and advanced evasion techniques. Instead of relying on legacy or purely data-driven solutions, businesses must look beyond mitigation and adopt a fraud defense approach that prepares them for the future and safeguards customer interests.
Digital enablement is helping people use cloud-based technology platforms and workspaces to work from home, interact, and collaborate. As a result, there is an exponential increase in online traffic on technology platforms. This has provided attackers with an opportunity to abuse and attack these enabling platforms.
Increased traffic opens up a window of opportunity for ATO
Taking advantage of the increased digital traffic during COVID-19, attackers sneak into the business networks by blending in with the genuine traffic. Fraudsters use mass manipulated digital identities and stolen username-password combinations to take over the accounts of authentic users. Arkose Labs’ Q3 2020 Fraud and Abuse Report reveals that logins are the most attacked touchpoint and account takeover attempts constituted nearly 28% of the attacks in the first half of the current year.
To achieve scale and maximize returns from an attack, fraudsters mobilize their resources—automation, sweatshops, or a combination of the two. Arkose Labs has found that while fraudsters relied on automation in Q1, they switched over to using sweatshops in Q2 2020 to attack technology platforms.
Further, fraudsters have studied the defense mechanisms that businesses deploy and use this knowledge to circumvent them easily. Even data-driven solutions cannot provide robust protection, as they rely on clear ‘trust’ or ‘mistrust’ signals from the incoming traffic. Since digital identities have been corrupted at scale, this clarity is not always available. As a result, many signals now fall in a ‘grey’ zone that these solutions cannot classify.
Legacy authentication solutions fail businesses on multiple fronts
Protecting businesses against the menace of account takeover attacks therefore suffers because of these outdated authentication systems. They disrupt the user experience and overwhelm fraud teams, which are kept busy cleaning up after the fraudsters who slip through. All of these challenges make the fight against account takeover difficult for businesses.
One of our customers, a cloud-based storage and workspace collaboration platform with a presence across 180 countries, was facing this exact problem. The platform was under siege as fraudsters relentlessly abused the login process for account enumeration and to attempt takeovers of authentic users' accounts.
The existing legacy fraud solution failed to provide the level of protection that the company would need for expansive, global operations. It could easily be circumvented using automated solvers and provided no protection against human-driven attacks. Apart from degrading the user experience, it was also damaging the reputation of the platform, as users had come to expect security of their accounts while storing and sharing sensitive data.
Arkose Labs looks beyond mitigation and focuses on prevention
It was, therefore, imperative for the platform to protect the integrity of the user accounts with a fraud defense mechanism that would enhance protection as well as offer a frictionless user experience to authentic users. Arkose Labs helped the platform eliminate fraud attacks while improving the user experience for authentic users. It not only stopped account takeover attempts but also eliminated fraudulent new account registrations and reduced intervention for users by 70%.
Using continuous intelligence and real-time signals, the dynamic risk engine—Arkose Detect—analyzed user behavior to understand the true underlying intent and assign risk scores accordingly. This risk decisioning powered the challenge-response mechanism—Arkose Enforce—to present appropriate and context-based challenges to the users as per their risk assessment.
Fraud prevention that keeps user interests at the forefront
Most authentic users were not presented with any challenge at all, while risky users faced incrementally complex challenges until they were forced to give up. Automated scripts and bots trying to clear the 3D enforcement challenges at scale failed instantly, as our proprietary challenges are resilient to automated solvers. This targeted use of friction continues to enable the technology platform to withstand evolving attack patterns, providing long-term protection. Authentic users continue to use the platform with the assurance that the privacy and integrity of their accounts are adequately protected.
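The risk-scoring and step-up flow described in the two sections above, reduced to a small defensive illustration: a sliding-window risk engine over login telemetry (flagging the account-enumeration pattern of many usernames from one source) feeding a tiered challenge policy that leaves low-risk users alone and escalates risky ones until they are blocked. This is an added example, not Arkose Labs code; the signal weights, thresholds, tier names and sample events are constructed assumptions.

```python
"""Risk-scored login step-up: an added illustration of the risk-engine plus
challenge-response flow described above, not Arkose Labs code. Weights,
thresholds, tier names and the sample events are constructed assumptions."""
from collections import defaultdict, deque

WINDOW_S = 60                                # sliding window per source IP
TIERS = ["none", "easy", "hard", "block"]    # escalating challenge tiers

# Constructed login telemetry: (timestamp_s, source_ip, username, succeeded).
# 203.0.113.5 is a genuine user who mistypes once; 198.51.100.7 sprays twelve
# different usernames in ~20 s, the enumeration / stuffing pattern seen on logins.
SAMPLE_EVENTS = [(0, "203.0.113.5", "alice", False), (5, "203.0.113.5", "alice", True)]
SAMPLE_EVENTS += [(10 + 2 * i, "198.51.100.7", f"user{i:02d}", False) for i in range(12)]


class LoginRiskEngine:
    """Scores each attempt from the recent behaviour of the same source IP."""

    def __init__(self):
        self.recent = defaultdict(deque)     # ip -> deque of (ts, username, ok)

    def score(self, ts, ip, username, ok):
        q = self.recent[ip]
        q.append((ts, username, ok))
        while q and ts - q[0][0] > WINDOW_S:  # forget events outside the window
            q.popleft()
        distinct_users = len({u for _, u, _ in q})
        failures = sum(1 for _, _, good in q if not good)
        # Many distinct usernames from one IP is the enumeration signal; a burst
        # of failures is the brute-force signal. Both are capped so the score is 0-100.
        risk = min(60, 6 * max(0, distinct_users - 2)) + min(40, 10 * failures)
        return min(100, risk)


def challenge_tier(risk, failed_challenges=0):
    """Low-risk traffic sees no challenge; risky traffic starts at a harder tier
    and is escalated on every failed challenge until it is blocked."""
    base = 0 if risk < 30 else 1 if risk < 70 else 2
    return TIERS[min(len(TIERS) - 1, base + failed_challenges)]


def run_sample():
    """Replay the constructed events; return the risk score assigned to each."""
    engine = LoginRiskEngine()
    return [engine.score(*event) for event in SAMPLE_EVENTS]


if __name__ == "__main__":
    for event, risk in zip(SAMPLE_EVENTS, run_sample()):
        print(event[1], event[2], risk, challenge_tier(risk))
```

In this constructed run the genuine user scores 10 on both attempts and is never challenged, while the spraying source climbs to 100 within its burst and is challenged at the hard tier, then blocked after one failed challenge.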
To learn how the Arkose Labs solution empowered the global technology giant to protect its platform from account takeover attacks while keeping the customer interests at the forefront, read the case study here.