Mobile Fraud Detection: Top 4 Threats to the Mobile Channel

1-888-216-3544

1-800-953-2877

Cybercriminals are following the masses and the money into the mobile channel.

Top 4 Mobile Threats
For some businesses and industries, the term "mobile-first" is rapidly becoming mobile-first, last and everywhere in-between. Yet even as the mobile channel increasingly takes center stage, rising security concerns in retail, payments and financial services suggest mobile fraud detection has never been more important.

According to data from the LexisNexis® Digital Identity Network, the mobile channel now accounts for 62% of all transactions worldwide.1 Unfortunately, fraudsters have picked up on this consumer shift towards mobile and are adapting to changing consumer behavior as transaction volume shifts to this anywhere, anytime medium. As increasingly sophisticated cybercriminal organizations follow the masses (and the money) into the mobile channel, the following four trends are reshaping the threat landscape around the world.

#1 Account Takeovers? There's an App for That

Thanks to the theft of more than 11.7 billion personal identity records in just the past three years, credit card information, Social Security numbers and mountains of other personal identity credentials sell for as little as $0.19 on the dark web. As a result, identity proofing is becoming a critical issue for every business operating within digital channels — including via mobile apps. Today, mobile apps continue to rank among the safest ways to transact digitally and are four times safer than transactions made through the mobile browser.

"Fraudsters are increasingly targeting mobile devices, using bot attacks to test or exploit stolen customer login credentials in retail and banking accounts."

#2 Account Creation Attacks on The Rise

According to our 2019 Cybercrime Report, mobile account creation attacks have soared 144% in just the first six months of this year.2 In these rapidly proliferating cybercrimes, fraudsters are using bots to sign up for mass new media accounts to take advantage of free trials/streaming bonuses that can be sold for a profit. In e-commerce, these new account creation bots are seen at online marketplaces, virtual gift card companies and ridesharing sites.

#3 Mobile Payments Face More Growing Pains

Account login/take-overs and fraudulent creations represent the majority of identity-related fraud activity, particularly for e-Commerce merchants.3 But retailers and quick service restaurants launching their own mobile loyalty and payment apps are starting to feel the heat as well. This summer, an international mini-mart brand shut down its new Japanese mobile payment app just days after it was first released. In a matter of hours after its launch, fraudsters armed with stolen customer birthdates, phone numbers and email addresses were able to initiate a password reset and take over nearly 1,000 customer accounts. Because the app was tied to the customer's credit card, these thieves were able to pull off $500,000 in fraudulent purchases in just a few days.

Top 4 Mobile Threats

#4 Mobile Bots Mean Bad News Ahead

Bots are people, too—if you can't tell the difference. Fraudsters are increasingly targeting mobile devices, using bot attacks to test or exploit stolen customer login credentials in retail and banking accounts. In financial services, for instance, our data indicates mobile web-based account takeover attacks, many involving bots, grew by over 100% in 2018.4 And it may be about to get worse.

In a growing number of instances, mobile account creation bots are targeting social media apps to test, validate or build synthetic identities for use in downstream cybercrimes. During the first six months of this year, we detected hundreds of thousands of bot attacks launched from Russia, Indonesia, Brazil, Thailand, India and Bangladesh—suggesting significant growth in synthetic identity farms in emerging and growth economies.

"By identifying the linkages between customers, organizations will be able to accurately determine the legitimacy of the person on the other end of a mobile transaction."

Digital Identity: The Secret to Mobile Fraud Detection

To detect and disrupt mobile fraud threats, organizations need to adopt modern, digital identity-based approaches to user verification and assessment. By identifying the linkages between customers and their associated credentials, devices, accounts, locations and hundreds of other risk attributes, organizations will be able to accurately determine the legitimacy of the person on the other end of a mobile transaction. 

In particular, mobile fraud detection solutions that combine SSL-based device fingerprinting, web and mobile device intelligence and behavioral biometrics tied to digital identity intelligence are seen as an effective way for organizations to gain an upper hand against cybercriminals. 

LexisNexis Risk Solutions
Cybercrime Report
(Jan.-June 2019)

What you need to know about cybercrime strategies and how to protect your customers.

Have Sales Contact Me

Related Resources

Loading...