Report Marks Trends Leading up to Holiday Shopping and Identifies Top Concerns such as Account Takeover and Customer Friction
Hot off the presses, or more accurately, straight out of cyberspace, comes the “ThreatMetrix Cybercrime Report: Q4 2014” detailing Q3 cyberattacks discovered by the ThreatMetrix Global Trust Intelligence Network (The Network) which analyzes more than 850 million monthly transactions, and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.
Now leveraging real-time, anonymized data from The Network across industries, the Report, having samples from close to a billion transactions offers a representative summary of activity that includes account creation, payment and login fraud.
E-commerce holiday season shopping threats
With emphasis on the e-commerce industry and based on current attack trends, card-not-present, account takeover and fraudulent account registration attacks were in no small way associated with countless high profile data breaches in the past year. This trend will likely accelerate during the upcoming $600 billion holiday shopping season.
While many reports discuss cyberthreat trends such as malware, massive data breaches or the total economic impact of cybercrime, the ThreatMetrix Cybercrime Report: Q4 2014 is the first of its kind to analyze how often stolen and compromised identities are used in the commission of additional cybercrimes.
Alisdair Faulkner, chief products officer, ThreatMetrix
“In addition to payment fraud this holiday shopping season, our biggest concern is the spike in the number of account takeovers we are seeing on retail websites. ThreatMetrix data shows an upswing in account takeover activity in the wake of recent massive data breaches – and most retailers will be caught unprepared.
“Previously, guest checkouts represented the highest risk, but due to the prevalence of data breaches and the convenience of storing credit cards to make mobile purchases easier, fraudsters have found it just as easy to use a stolen username and password as it is to use compromised credit card information that has a shorter life span before being shut down. Even strong PCI compliance and encryption means little when cybercriminals utilize stolen password and email combinations to compromise customer accounts. Retailers need to leverage a shared global network of trust intelligence to differentiate between trusted and suspicious transactions.”
e-Commerce high-risk transactions
In comparison to other industries, e-commerce falls in the middle when it comes to high-risk transactions with 4 percent of all transactions labeled as high-risk. Overall, high-risk transactions and logins are typically rejected outright by ThreatMetrix customers.
e-Commerce transactions by percentage and risk:
- 7 percent account creation, with 5.2 percent high risk
- 14 percent account login, with 5.5 percent high risk
- 79 percent payment, with 3.4 percent high risk
Financial Services Industry Cybercrime and Customer Friction
The Report examines financial services transactions and authentication attempts. While only 1 percent of transactions and logins are labeled as high-risk, financial services tolerate a higher threshold of risk at point of login and instead intercept attempted money transfers or rely on intrusive step-up authentication solutions to provide extra assurances.
Financial services transactions by percentage and risk:
- 2 percent account creation, with 1.7 percent high risk
- 83 percent account login, with 0.7 percent high risk
- 15 percent payment, with 0.5 percent high risk
“Attacks aimed at financial services are more targeted and result in much higher losses and possible brand damage than e-commerce ‘spray-and-pay’ attacks – meaning randomly targeting as many victims as possible.
“Financial services businesses are dominated by higher authentication requirements, making it more difficult for fraudsters to attack. As a result, attacks leveraging malware are much more common and the challenge for most financial institutions has shifted from the detection of anomalous account access to stopping valid customers from being caught in the fraud net.”
EMV and Apple Pay move threat online
While EMV, Apple et al. will cut down on point-of-sale fraud such as that caused by recent data breaches, more secure in-store payments will increasingly push fraud online and e-commerce and financial services executives must be prepared to protect against such risks.
Media industry faces highest percentage of high-risk transactions
Consisting of social media, content streaming and online dating websites, the media industry is subject to 9 percent of high-risk transactions, the highest percentage of all industries examined.
Media transaction by percentage and risk:
- 6 percent account creation, with 4.6 percent high risk
- 66 percent account login, with 6.2 percent high risk
- 28 percent payment, with 3.7 percent high risk
“The media industry has the highest incidence rate of high-risk transactions due to the low authentication threshold – often only consisting of a username and password combination. Such identities can easily be compromised due to using the same login credentials across websites and a significant number of data breaches exposing these login combinations.”
Mobile represents one-quarter of all activity in The Network
For the Report, total mobile activity was also examined for the prevalence and breakdown of cyberthreats. According to ThreatMetrix data, mobile represents nearly one-third of all activity on The Network. However, while cybercriminals target mobile, this channel still has much lower risk rates than desktop.
“As iPhone, Android and tablet usage continues to increase among consumers, mobile will represent an equal opportunity channel for cybercrime activity,” said Faulkner. “Cybercriminals always go where the money is and as more transactions turn to mobile, they will create new, sophisticated strategies to target this channel.”
Android versus iOS as targets
The report found that while Android represents a much higher percentage in terms of market and browser share, iOS (iPhone and iPad) generates nearly twice the number of payments, logins and authentications of all mobile operating systems combined. Specifically, 64 percent of mobile transactions are either iPhone or iPad transactions. Additionally, 48 percent of mobile attacks target iOS devices.
Top attacks by transaction type
Leveraging activity across industries for both mobile and desktop, the Report identified top attacks by transaction type and found spoofing (IP address, geolocation, identity and device spoofing) is the most common type of attack across payments, account login and account creation.
Cybercrime in all its guises
As a whole, cybercrime is a multi-billion dollar industry, which consists of organized cybercrime, nation states and many types of hackers. Given the widespread prevalence of cybercrime and no signs of its slowing down, businesses need to place an emphasis on understanding the types of attacks that occur once identities are compromised. In addition, no business – no matter the industry or size – can afford to stand alone in the fight against cybercrime. Rather, businesses must leverage a global network of trust intelligence to assure they have the best resources available to differentiate between authentic and fraudulent transactions without disrupting the customer experience with added friction.
To learn more, download the “ThreatMetrix Cybercrime Report: Q4 2014” eBook: http://goo.gl/6wUWrV
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.