Don’t Let ATO Steal Your Holiday Season

A shopping mall with checkered floors is decorated for Christmas

Reports of account takeover (ATO) from our e-commerce customers have risen 67% in the past six months. What is driving this rise? Moreover, what can you do to combat it without impacting the vitally important holiday season? 

Fraudsters use a number of tactics to takeover accounts, including social engineering, credential stuffing and phishing attacks. Regardless of the method used, the consequences are very costly for merchants.

The cost of ATO attacks goes far beyond lost revenue

  • Cost of chargebacks – E-commerce chargebacks due to fraud are expected to reach $30 billion by 2020. 1
  • Damage to customer relationships – Customers spend 16 hours on average resolving issues after their account is taken over. 2
  • Loss of brand reputation – 44% of shoppers said they will never buy from a retailer again after a data breach3

To complicate matters, ATO attacks aren’t targeted only at login, but also at other points of vulnerability, such as the contact center and at account management. And beyond that, customers are sensitive to any added friction in their shopping experience. This leaves merchants in the precarious position of needing to prevent account takeover while preserving a positive customer experience. 

As we’re entering National Cyber Security Awareness Month, it’s a great time for merchants to audit what controls are in place to secure customer accounts and prevent account takeover. It’s critical to protect the entire customer journey, securing points of risk while reducing friction for good customers. Allowing customers to worry more about their gift-buying and less about their account security. 

If you’d like to learn more, check out the upcoming webinar, “Don’t Let ATO Steal Your Holiday Season”. iovation will dive into common ATO attack methods, how to secure the entire customer journey and most importantly, how to give your customers a smooth shopping experience this holiday season. 

This webinar is open to RH-ISAC Core members and retail and hospitality cybersecurity professionals eligible for RH-ISAC Core membership. Email [email protected] to register today

  1. TotalRetail 5 Ways E-Commerce Merchants Can Combat Identity Fraud
  2. Javelin 2018 Identity Fraud: Fraud Enters a New Era of Complexity
  3. TransUnion 2018 Retail Consumer Survey Insights

More Recent Blog Posts

2024 RH-ISAC Cyber Intelligence Summit logo

Register for RH-ISAC Summit

Our biggest event of the year is coming up soon! Join RH-ISAC April 9-11 in Denver for our annual three-day conference featuring interactive, practitioner-led discussions, breakout sessions, and keynote presentations.