Introducing Account Takeover Prevention
By Bill Hodak /
1 Mar 2017
Today, we’re excited to launch Sift Science Account Takeover Prevention, which automatically detects and blocks illegitimate login attempts from bad actors – without getting in the way of your good users. It’s the most proactive way to protect your valuable user base, your brand, and your bottom line from account takeovers.
More breaches = more ATO
The threat landscape is changing. As we move more of our lives online, fraudsters are also flocking to account takeover (ATO), which allow them to access richer information and cause more damage – all while flying under the radar as a legitimate, trusted user.
ATO is the downstream effect of a worrying rise in massive data breaches and phishing attacks. Criminals have easy access to billions of credentials, which they systematically test on sites and apps until they find a match. The result? 48% of online businesses saw a rise in ATO attempts last year. Faced with this growing threat, you have to ask yourself: are you doing enough to prevent your users’ accounts from being hacked?
How Sift Science ATO Prevention works
ATO Prevention uses machine learning and behavioral analysis to detect fraudulent logins. With a simple integration, we’ll be able to ingest and analyze your users’ behavior, and then compare that behavior with patterns of good and bad behavior on your site and across our network.
Then, each time someone logs in, we’ll return an ATO risk score in real time – so you can instantly identify risky users and dynamically alter the login experience. To calculate a score, our technology looks at a range of potential ATO signals, such as user browsing patterns, network and IP data, location history, and device information. We also leverage years of data we’ve already collected across our vast customer network of more than 6,000 sites and apps.
Once you’re in the console, it’s easy to review the signals that make a particular user risky – like location, IP address, device, etc. This makes it easy to resolve problems before they affect your good users.
Like all Sift Science products, it’s easy to automate how you manage logins, and set up dynamic fraud logic based on a user’s level of risk. For example, you may build in an extra authentication step (like a code sent via SMS) for certain users.
The bottom line? ATO attacks are inevitable. Data breaches happen. Credentials get exposed. But with the right tools and defenses, you can protect your users and secure their confidence by keeping their accounts safe from hackers.
Ready to get started with Account Takeover Prevention? Contact our sales team or visit the ATO product page to find out more. We’re excited to bring you this new product – as always, we’d love to hear what you think!