I founded Arkose Labs to solve a very specific problem – consumer account-based fraud. And today six years later our technology is being used by the largest companies in the world to protect their consumers from attackers taking over their online accounts and more.
This type of fraud is the hardest to detect and the most difficult to prevent because attackers use bots to leverage volumetric attacks combined with the use of real people’s stolen credentials to get into accounts. That means to a company an attack could look like it is the real person trying to access their account. To stop attackers, discerning a good user from a bad actor, at scale, is imperative.
Here’s a good example that shows the power in what we do every day: A fintech neobank was seeing about 30,000 failed login attempts per day; the vast majority of these were credential stuffing attacks seeking to compromise consumer accounts. This massive amount of requests also put a great strain on the platform’s tech infrastructure. To commit credential stuffing attacks as fast as possible, attackers would deploy bots that would directly target back-end API services.
By bypassing web forms and talking to back-end servers directly, fraudsters could write more simple scripts that would allow them to carry out attacks at greater volume and velocity. The bad actors would then drain the funds of consumers whose accounts were compromised.
The neobank selected our technology to solve this problem, and when deployed immediately they saw a 75% reduction in account takeover attempts, they slashed compromised account costs previously hitting $100,000 per week and their employees could focus on other higher-value efforts because they weren’t spending time resetting credentials on compromised accounts.
In addition to attacks against existing accounts, we also protect businesses from fake new account fraud. Attackers use bots to create fake new accounts at scale for a variety of purposes. These can include inventory hoarding, to take advantage of promotional offers meant to attract new customers and for the purpose of sending spam and phishing messages to real users. It’s imperative that all digital businesses ensure everyone on their platform is who they say they are.
How did you come up with the idea for the company?
The concept for Arkose Labs emerged because online fraud is a massive problem and it is a problem that technology is well-suited to solve.
I had first-hand experience dealing with the downstream effects of fraudsters. I’m a gamer. I grew up playing online video games, and experienced numerous times when I had to reset my password because the game had been compromised.
Later on, I started my career in biomedical technology development and human social interaction technology development. Those two experiences led me into the anti-fraud space because I felt like the same technology approach could be developed to stop online attacks.
How has the company evolved during the pandemic?
One of the biggest ways that we evolved during the pandemic was to further our leadership role in this industry. We launched a $1 Million credential stuffing warranty. Cybersecurity companies tend to operate on a “best efforts” model and that simply isn’t good enough. So my hope is that this will be a clarion call for the rest of the industry to follow suit, and put their money where their mouth is.
We’ve also added features like behavioral biometrics to our technology platform, and at the same time expanded the industries that currently use our technology platform. We serve customers in the fintech, banking, technology, social media, and travel industries, plus many others. Also, we raised our Series C in 2021, and have increased employee numbers throughout the pandemic, doubling every year. The success of our technology continues to attract other large enterprise companies to select us.
What can we hope to see from Arkose Labs in the future?
We have very exciting additions to our technology platform that are forthcoming and are going to be game-changing in the race to keep consumer accounts safe online.
We also made waves in the industry this month by hiring former criminal Brett Johnson as our “Chief Criminal Officer.” He is a former FBI Most Wanted cybercriminal, identity thief and hacker who has stepped away from a life of cybercrime and now devotes his career to working with enterprises to help deter fraud. Working very closely with my team, Johnson will help shape intelligence-gathering strategies that result in unique and timely insights to help make fraud efforts less lucrative for bad actors.
Read the original article here.