"Ravelin’s investigations team was able to provide insight and analysis on what was happening in our customer database."
Dennis Friemerding
Payments, Fraud & Risk Management, FlixBus
The Rise of Account Takeover
Account takeover (ATO) is when a fraudster gains control of an account that belongs to a genuine customer. Fraudsters cause the customer’s good track record to make unauthorised transactions. The financial and reputational costs are huge. ATO is not a single line of attack. Fraudsters use a variety of techniques to compromise accounts. Ravelin uses an adaptable and multi-pronged approach to help businesses staunch the losses to fraud.
The complete guide to account takeover for online merchants
This guide covers in-depth how ATO happens, strategies to fight back and how Ravelin's products can help.Account Takeover Uncovered
Check compromised credentials
Ping our breached credential database at login, during registration or password update to verify if the credentials have been seen in a data breach. We have pulled millions of compromised details into a database meaning you know instantly if unsafe details are being used and you can act accordingly.
Set rate limits at login
Add customizable rate limits at login aligned with operational requirements, protecting your business. Having rate limits that specifically target behaviour associated with ATO ensures that merchants can protect customers from high volume attacks.
Set rules to prevent attacks
Set ATO specific rules around device, username, IP and velocity. For example, if the same device tries to access X accounts within a set time frame. Rules like this are especially useful for tackling ‘low and slow’ volume attacks. This can help to protect good customer accounts from more strategic attacks, protecting your reputation and your bottom line.
Proactively notify customers
Informing a user of material changes to their account can be a simple way of mitigating the risk of ATO, ensuring that any attacks are dealt with quickly. Ravelin detect and inform you of significant changes, for example if a new device is detected at login, a new address is added or suspicious activity is detected. The events can be defined by the merchants.
How Ravelin for Account
Takeover can benefit your business
Enhance your reputation for security
Consumers are increasingly aware and concerned about ATO and account security thanks to high profile data breaches. Good customers often end up spending hours resolving incidents of ATO and can also end up out of pocket as a result of an attack. ATO can significantly impact your reputation; don’t let fraudsters damage your brand.
Reduce losses to compensation
ATO can have serious implications for your bottom line, impacting customer retention and resulting in losses from attack. Over the last few years there have been significant increases in ATO attacks, costing merchants millions. Don’t let fraudsters reduce your growth.
Protect your reputation
For merchants, it’s not just the cost of replacing goods or refunding payments - it’s also the time spent by support teams dealing with angry customers and other teams tackling the legal and operational consequences. Reduce the strain on operational teams; don’t let fraudsters reduce your operational capacity.
How to get started
Ravelin’s ATO is available is part of Ravelin Enterprise. One integration to enable the best of payment fraud detection and account security. Secure your growth
Talk to an expert