NuData Security’s statistics for 2017 paint a worrying picture of the account takeover landscape
NuData Security, a Mastercard company, and a leader in the field of passive biometrics, has identified some concerning trends in account creation and takeover.
Looking at the billions of events monitored by NuData Security, 40% were flagged as high-risk. Half of all login attempts deemed high risk compared to 15% in 2016, and account takeovers increased ten-fold in 2017.
Account takeover is notoriously difficult to combat, as companies can’t discern between legitimate and fraudulent users – as they are both presenting correct credentials. “As data breaches continue to break records year over year, more and more PII becomes readily available for fraudsters to access on the dark web,” said Ryan Wilk, Vice President at NuData Security. “With the password and credential reuse, and the wealth of available credentials, it is not surprising that we have seen such a stark increase.”
NuData Security also identified that the total purchases across their client base had doubled from 2016 to 2017, with the number of purchases made with flagged credit cards also doubling accordingly. The rollout of EMV in the U.S. has made it harder for bad actors to commit fraud in the card present environment, resulting in a shift towards card not present where they can try different techniques.
“Traditional models of account access are being bypassed by bad actors over and over,” Wilk continued. “Companies should review their authentication frameworks and make sure they have multi-layered solutions that include physical and passive biometrics technology.”
NuData also released statistics regarding mobile phone events, showing a 150% increase in total mobile phone events, with 30% of those being considered high risk.