The Role of Fraud Prevention After the Repeal of Net Neutrality

Posted December 20, 2017

The Role of Fraud Prevention After the Repeal of Net Neutrality

Businesses may need to take another look at their fraud prevention solutions as the repeal of net neutrality rules, if fully enacted, could result in some unintended consequences — including a whole new avenue of attack for cybercriminals.

On December 14, the Federal Communications Commission (FCC) narrowly voted to repeal net neutrality rules despite vociferous opposition. Among other things, those rules have prevented broadband companies from blocking websites or charging higher rates for faster Internet connections or certain kinds of content.

The official rationale for the repeal is that deregulation will eventually yield new innovations. But consumer groups and online businesses argue that it will disadvantage those unable to pay for higher-quality Internet access, and give providers far too much power over consumers’ online experiences.

Still, the FCC’s decision is far from a done deal. Legal and political challenges are mounting, and it remains unclear when, or even whether, the repeal will ever go into full effect. But if it does, many worry it could inspire a new wave of online fraud.

Hot New Commodity for Cybercriminals?

The economic stratification of the Internet that repeal opponents fear wouldn’t be without risk for affluent users, either.

If tiered services do emerge to deliver faster access to those willing to pay more, premium broadband plans could instantly become irresistible targets for hackers.

Using phishing schemes, spyware and other tactics, cyber-thieves will seek to fool users into revealing login credentials that can then be sold online.

Most won’t even have to go that far. Consumers are known to overshare passwords for their favorite online services. Just look at video streaming, where up to 25 percent of viewers use somebody else’s credentials. If repeal results in the kind of sluggish Netflix experiences some predict, friends and family will be passing around credentials for the fasted broadband account they can get their hands on.

Before long, those credentials will get posted online, where they’ll join more than 9 billion other stolen credentials—names, addresses, passwords, PIN codes and more—available to fraudsters on the dark web.

As it stands, wayward login credentials will cost streaming companies $650 million in lost potential revenue this year. Across all industries, cybercrime fueled by stolen identity credentials will result in global losses of $3 trillion or more.

Highway Robbery on the Internet On-Ramp

In a post-neutrality world, fraudulent access to premium broadband accounts could quickly lead to cascading problems.

  • Depending on how broadband services are provisioned, fraudulent logins could push up customer costs if thresholds on bandwidth or the total number of linked users are exceeded.
  • Successful logins to existing accounts could also give hackers access to customer payment information. They may even be able to purchase additional services and resell them online.
  • Consumers’ proclivity to use the same login credentials on different accounts—the same password on iTunes and say, an online bank account, for instance—could make broadband credentials quite valuable to those piecing together identity information to commit larger crimes.

Building Confidence in a Zero-Trust World

Getting a handle on these challenges would be no small matter. Traditional user authentication systems that rely on usernames and passwords are simply unable to tell the difference between legitimate customers and fraudsters logging in with stolen credentials.

To attain that level of visibility, a growing number of businesses in virtually every industry are gravitating to digital identity-based user authentication, which goes beyond static login credentials to include hundreds of different, dynamic data elements that can’t be faked, stolen, or misused.

Using real-time threat intelligence spanning millions of daily transactions across tens of thousands of websites around the world, these solutions instantly recognize legitimate users and block out threats—without causing user friction.

Returning to streaming for an analogous business model, Netflix and others that have moved to digital identity-based authentication report dramatic reductions in many forms of fraud.

Challenges Ahead—Neutrality or Not

To be clear, such comparisons are imperfect at best. And it’s far too early to tell if the FCC’s repeal of net neutrality rules will even be enacted in full, let alone whether it would truly lead to the calamity opponents anticipate.

But given the difficulties businesses already face in preventing online fraud, one thing’s certain: Digital identity or not, many believe smarter forms of user authentication can’t come fast enough.

To see how digital identity-based authentication provides superior fraud prevention and can protect service-access accounts without adding friction, click here to check out exclusive case studies and more. 

ThreatMetrix Team

ThreatMetrix Team

close btn