Close this search box.

The Login Dilemma: Shopping in the Age of Account Takeover

Account takeover (ATO) attacks yield better rewards than basic CNP fraud. When fraudsters gain access to your customers’ accounts, they obtain valuable information, and the fraudulent transactions they go on to commit are much harder to detect and stop. ATOs also have a devastating impact on brand reputation and the lifetime value of a customer.

A Riskified-commissioned survey of nearly 4500 participants provided insights into the negative impact ATOs have on both customers and merchants. Despite the increase they recorded in ATO attacks—35% of merchants report that at least 10% of their accounts have been taken over in the last year—a surprisingly large percentage of merchants don’t have measures in place to prevent them.

Our report, The Login Dilemma: Shopping in the Age of Account Takeovers, explores how cybercriminals obtain legitimate login credentials, and offers tips on how to detect a bad actor at the first point of contact: the login. You’ll also find actionable insights on customers’ and retailers’ attitudes towards account takeovers. Here are some of the key topics covered in the report. 

How do ATOs happen?

To carry out an ATO attack, fraudsters must gain access to a legitimate customer’s eCommerce store account. Phishing scams are a popular method fraudsters use to get a hold of credentials. Bad actors create mockups of a popular site, like, and prompt users to reset their passwords. Kits for creating such mockups are sold on the dark web. 

How do customers and merchants feel about ATOs?

64% of merchants say that at least half of their orders come from account holders, and those account holders spend more and shop more frequently. The overwhelming majority of customers, 81%, said that more than half of their online transactions happen at stores where they already have an account. So it’s no wonder why merchants don’t want to upset or inconvenience account holders.

Store accounts are much more than a service to customers; they are assets. Every time a customer opens an account with a merchant, their future expenditure prospect increases. The lifetime value of the shopper can double or triple when they open an account. The challenge many merchants face is that every perk and service they offer creates a vulnerability that fraudsters can exploit. Customers, on their end, don’t keep quiet when their accounts are breached. The majority of online account holders, 65%, said they would likely stop buying at the store, 54% said they would delete their account, and 30% said they would encourage friends to stop shopping with the merchant.

How to protect your store from ATO attacks?

The tricky part about stopping ATOs is that merchants do not have enough information to work with at the login point to make a reliable decision. Simply comparing IP addresses and device fingerprints are not enough to make an accurate decision.

The most important thing for an effective ATO prevention solution to do is to obtain additional data points to aid in the decision. For example, IP geo data, behavioral analytics, and the input of a spoofing detection solution can help determine in real time if the person accessing the account is the legitimate account holder. In addition, accurate login decisioning is often the result of strong data sharing networks. Strong data networks can help fill in the missing information you need and help you complete the narrative behind each login. 

These are just some of the insights included in our report about Account Security in 2020. Download the free report here.

Read More