Legitimate Account Update or ATO? Here’s What You Need to Know

Credit card payment

The rise in Account Takeovers (ATOs) has become a pressing concern for fraud fighters. Whether businesses are currently grappling with the issue or proactively planning, the challenge lies in effectively identifying ATOs while ensuring a seamless experience for genuine customers.

Companies are more focused on revenue growth than ever. Businesses are expanding into new regions and embracing digitization, which also comes along with increased risk. However, when the focus shifts towards revenue growth, implementing measures to prevent fraud and adding friction is often met with resistance. Relying on blanket checks for every customer as a solution for ATO and fraud prevention is no longer feasible.

In this blog, we will delve into new ATO trends, the challenges they present to businesses, and explore reliable indicators and solutions to combat this growing problem effectively.


ATO Trends

ATOs are rising. In 2023, 29% of American adults experienced ATO, a 7% rise since 2021. Fraudsters are cleverly targeting multiple touchpoints throughout the customer journey. From altering identifying information at login to switching payment details just before and after logging in, these attackers exploit numerous opportunities and use multiple tactics to commit fraud.

Here are some of the current trends fraud fighters see today:

  • Fraudsters target accounts with accumulated loyalty points, rewards, and benefits, which users may be unaware of, and use them to claim gift cards, free services, products, or cash itself
  • Right before checkout and or just after, fraudsters will change the second address to avoid detection
  • Generative AI also contributes to the rise of ATO attacks by enabling more realistic social engineering techniques. In some instances, fraudsters trick account owners into verifying a login or account change by sending a socially engineered email asking the account owner to click on the disguised magic link and validate the change.

Fraudsters are getting creative, and the difficulty in detecting these incidents is growing.

Business and Customer Experience Challenges

When fraud teams raise flags about increased ATOs, gaining buy-in for increased fraud prevention is challenging and often met with pushback. Businesses are focused on customer acquisition, while sales and marketing teams want to make checkout and payments easier with minimal friction. Additionally, from the customer experience perspective, it’s typical for users to change their payment details, especially as remote work, travel, and customers’ chosen payment methods frequently change. Risk, fraud, and payment teams know best that checking each account update is inefficient–manual review causes delayed customer services. Automation, on the other hand, adds friction, often unnecessarily. Both cause dropoff and increase the churn rate. For marketplaces, such delays and friction can be even more significant for sellers as their sums are larger.  

Solutions to ATO Prevention

To solve the problem of ATO, fraud, risk, and payment teams should educate internal departments. Teams should identify the products often targeted by fraudsters and the key areas where additional friction should be applied. Valuable insights can also be gained from analyzing false positive data, allowing teams to identify legitimate consumer behaviors that typically do not require further investigation. By sharing this knowledge across departments, organizations can enhance their ability to combat ATOs effectively.


Fraud teams should look out for specific indicators of ATO, including:


  • Change requests immediately after login or a long period of inactivity
  • Multiple failed login attempts followed by account changes
  • Turning off notifications for account changes
  • Changing shipping addresses before or right after checkout

Such indicators can be used to trigger added friction to detect ATO. Once change requests are initiated, companies should take several steps to ensure the account owner authorizes the changes. Step-ups should be incorporated throughout the customer journey or after account updates to confirm user identity. Furthermore, sending a simple notification to the account owner regarding any changes made to their account can be an effective measure. Requesting CVV during transactions is another viable option to enhance security. Implementing Two-factor authentication (2FA) methods such as passkeys, biometric scans, or magic links can also be employed to verify user identities.


How Identiq’s Private Network Validates Account Owners

Identiq’s Private Network for Identity and Trust uniquely validates account credentials against fresh and live first-party data of some of the world’s largest companies. When a company encounters uncertainty regarding a customer or a transaction, Identiq’s network members anonymously query the network to validate their identity, payment, and transaction information. With constantly updated, fresh data, companies can understand whether an account update is legitimate by validating the account owner’s credentials. Our customers validate users at any touchpoint throughout the user journey without asking their consumers anything, allowing for seamless experiences and increased revenue.

Identiq’s Private Network for Identity and Trust revolutionizes the way companies validate account credentials and ensure trust in customer interactions. By leveraging fresh and live data from some of the world’s largest companies, our network anonymously validates identity, payment, and transaction information, enabling businesses to verify the legitimacy of account updates. Our clients can confidently validate users at any touchpoint throughout the user journey without disrupting the consumer experience, ultimately approving more transactions and increasing revenue.

Want to learn more about preventing ATOs and validating identities?

Get in touch!