Account Takeover Identify Protection

Account Takeover Protection (ATO) Overview

Not every user who tries to login to an account on your site is a good user. Some are fraudsters - and you don’t want them accessing your good customers’ accounts. Fraudsters misuse good accounts to carry out fraudulent transactions, steal good users’ data, use up their loyalty points, and more - all of which often leads customers to use your site less in the future, and buy less when they do.

Protecting your customers’ accounts helps you to deserve and maintain customers’ trust, and Forter is here to help you do just that. Forter’s ATO protection guards both login and attempts to access sensitive account information, and also incorporates multi-factor authentication (MFA) results.

MFA results are important, because sometimes, when a customer is trying to login to an account, or trying to access sensitive information stored in the account, it won’t be clear whether they’re the person to whom the account belongs. Maybe their behavioral profile is the same as usual, and they’re using the same type of device and browser etc. that they usually do - but this time, it’s a new device and IP. That can be entirely benign (for example, the user got a new device and is trying it out) but can be a sign of suspicious activity. In such cases, it’s worth adding extra protection for your customer, by stepping up an authentication challenge such as multi-factor authentication.

Protecting customers’ accounts with Forter’s Identity Protection protection is easy, as you’ll see from the process outlined here and explained in greater detail below the Integration Sequence Diagram.