In the e-commerce, travel, social media, and gaming industries, fraudsters often target account registration fraud creation. This is because new accounts require a large amount of personal data, such as full name, address, phone number, and email. This information can then be used to steal a person’s identity or commit a range of other types of fraud attacks. In fact, according to the 2021 State of Fraud Report, bogus account registrations and logins were some of the most common attacks detected by the Arkose Labs Fraud and Abuse Prevention Platform in the first half of this year.
Fraudsters are able to access stolen information from data breaches, purchase advanced bot tools, or create fake identities using synthetic data to attack online registration processes. These tools can mimic human behavior, including key presses and mouse movements, making them difficult to detect. They can also use emulators and virtual machines to scale their operations, increasing the speed at which they can make bogus registrations and logins.
Protecting Your Platform: Strategies to Combat Account Registration Fraud
The result is that businesses are finding it increasingly hard to balance attracting new customers with ensuring the security of digital touchpoints. The most effective way to prevent new account registration fraud is to validate the identity of the person registering for an account by comparing biometric face verification with the photo in their government-issued ID document.
A number of other indicators are also useful when identifying account registration fraud, such as a rapid influx of new accounts and an unusual geographic distribution. If the full name does not match their credit card or bank account, or they are trying to redeem rewards before they are eligible, this could indicate a fraudulent attempt is underway.