RH-ISAC BLOG

Don’t Let ATO Steal Your Holiday Season

Author: iovation

Reports of account takeover (ATO) from our e-commerce customers have risen 67% in the past six months. What is driving this rise? Moreover, what can you do to combat it without impacting the vitally important holiday season? 

Fraudsters use a number of tactics to takeover accounts, including social engineering, credential stuffing and phishing attacks. Regardless of the method used, the consequences are very costly for merchants.

The cost of ATO attacks goes far beyond lost revenue

  • Cost of chargebacks – E-commerce chargebacks due to fraud are expected to reach $30 billion by 2020. 1
  • Damage to customer relationships – Customers spend 16 hours on average resolving issues after their account is taken over. 2
  • Loss of brand reputation – 44% of shoppers said they will never buy from a retailer again after a data breach3

To complicate matters, ATO attacks aren’t targeted only at login, but also at other points of vulnerability, such as the contact center and at account management. And beyond that, customers are sensitive to any added friction in their shopping experience. This leaves merchants in the precarious position of needing to prevent account takeover while preserving a positive customer experience. 

As we’re entering National Cyber Security Awareness Month, it’s a great time for merchants to audit what controls are in place to secure customer accounts and prevent account takeover. It’s critical to protect the entire customer journey, securing points of risk while reducing friction for good customers. Allowing customers to worry more about their gift-buying and less about their account security. 

If you’d like to learn more, check out the upcoming webinar, “Don’t Let ATO Steal Your Holiday Season”. iovation will dive into common ATO attack methods, how to secure the entire customer journey and most importantly, how to give your customers a smooth shopping experience this holiday season. 

This webinar is open to RH-ISAC Core members and retail and hospitality cybersecurity professionals eligible for RH-ISAC Core membership. Email events@rhisac.org to register today

TotalRetail 5 Ways E-Commerce Merchants Can Combat Identity Fraud

Javelin 2018 Identity Fraud: Fraud Enters a New Era of Complexity

3 TransUnion 2018 Retail Consumer Survey Insights