#1 Account Takeovers? There's an App for That
Thanks to the theft of more than 11.7 billion personal identity records, credit card information, Social Security numbers and mountains of other personal identity credentials sell for as little as $0.19 on the dark web. As a result, identity proofing is becoming a critical issue for every business operating within digital channels — including via mobile apps. Today, mobile apps continue to rank among the safest ways to transact digitally and are four times safer than transactions made through the mobile browser.
#2 Account Creation Attacks on the Rise
According to our Cybercrime Report, account creation attack volumes increased by 293% year over year in the last six months of 2019.1 In these rapidly proliferating cybercrimes, fraudsters are using bots to sign up for mass new media accounts to take advantage of free trials/streaming bonuses that can be sold for a profit. In e-commerce, these new account creation bots are seen at online marketplaces, virtual gift card companies and ridesharing sites.
#3 Mobile Payments Face More Growing Pains
Account login/take-overs and fraudulent creations represent the majority of identity-related fraud activity, particularly for e-Commerce merchants.2 But retailers and quick service restaurants launching their own mobile loyalty and payment apps are starting to feel the heat as well. This summer, an international mini-mart brand shut down its new Japanese mobile payment app just days after it was first released. In a matter of hours after its launch, fraudsters armed with stolen customer birthdates, phone numbers and email addresses were able to initiate a password reset and take over nearly 1,000 customer accounts. Because the app was tied to the customer's credit card, these thieves were able to pull off $500,000 in fraudulent purchases in just a few days.
#4 Bot Volumes Still Growing
Bots are people, too—if you can’t tell the difference. Fraudsters are targeting mobile devices, using bot attacks to test or exploit stolen customer login credentials in retail and banking accounts. Though still a significant problem, logins recently have become a safer transaction compared to the past. The attack rate has decreased by 38% YOY, but 110 million login in attacks were still recorded in the Digital Identity Network® during the last half of 2019.
Bot volumes can be very volatile given that one bot attack can represent millions of individual attacks. The Digital Identity Network has recorded strong growth in bot attacks from Canada, Germany, France, India and Brazil, despite the fact that the global bot volume has fallen YOY.1