Fighting account takeover (ATO) isn’t as simple as banning a fraudster. In committing ATO, fraudsters can imitate an honest user’s behavior, making the attack difficult to detect. And once you have detected it and stopped the fraudster, you then have to regain the affected user’s trust. ATO is a major pain — and it can seriously damage your brand and bottom line. How do you fight such a unique and pervasive threat?
Enter two trust & safety experts! Oggie Nicolic (who taught us how to combat content abuse on a previous podcast) is a Google engineer with a background in risk management. Kevin Lee, a familiar voice on the podcast, is the trust & safety architect at Sift. Together and separately, these two have fought fraudsters and taken names in just about every context imaginable.
On this podcast, we’re sitting down with Oggie and Kevin to learn how to fight ATO. Is there a difference between the types of fraud teams that would handle a case of ATO versus a case of payment fraud? What makes ATO so challenging to detect — and how do you mitigate those challenges? And why is ATO just like spraining your ankle? Oggie and Kevin share insiders’ best practices for fighting ATO.