Follow us on
Connect
Advertisement
 

Cybercrime Risks of a Single Login Across Multiple E-Commerce Sites

December 3, 2013 By Andreas Baumhof
Get the Flash Player to see this rotator.
 

Amazon.com recently announced a new feature, "Login and Pay," which enables its 215 million customers to purchase products on participating e-commerce sites using their existing Amazon account login and credit card credentials. Through this service, merchants can collect more insights on customer shopping behavior and preferences using information from Amazon's database. At the same time, customers benefit by being able to make purchases without entering their account information on multiple sites each time.

While Login and Pay offers convenience for merchants and consumers, there are severe security concerns associated with this service. Specifically, if one of the participating retail websites is compromised, login and credit card credentials for several websites can be exposed to cybercriminals. Using such a service ignores a cybercrime prevention measure security experts have stressed the importance of for some time — using unique logins across websites. 

E-commerce merchants lose up to $3 billion in revenue each year to cybercrime attacks. To protect against these threats, consumers should take caution by using unique logins, avoiding links and offers from third-party sources, and keeping their computer security software updated.

In addition to consumers taking caution, retailers must put preventative measures in place to protect against cybercrime, especially this time of year with the busy holiday shopping season. Specifically, retailers can leverage the collective intelligence from a global network to stop cybercriminals in their tracks.

Leveraging a Collective Trust Intelligence Network
To protect against potentially fraudulent transactions, e-commerce merchants should leverage collective data from a global intelligence network comprised of device identification characteristics, user and persona profiles, past behavior, detected relationships, and threat assessments. Specifically, retailers can link customer accounts to their devices, addresses and previous transactions to build a history of legitimate customers and suspicious accounts.

Leveraging a collective network enables online merchants to analyze logins, payments and accounts to evaluate the data relating to both the user and their associated devices from all channels, including desktop, laptops, web browsers and mobile apps. Doing so can help protect against the following cybercrime threats:

  • Account takeover: While this threat traditionally targeted financial service providers, it's an increasing risk for e-commerce merchants. Using a collective network, retailers can spot red flags such as multiple devices accessing one account, spoofed browser settings and changing account data (e.g., billing or shipping addresses). Such technology also protects online customers from malware targeting credit cards as well as automated logins from bots and compromised devices.
  • Payment fraud: E-commerce merchants must implement verification technologies to assure transactions are authentic. A collective network can help you protect transactions while creating a more convenient customer experience by reducing false negatives (i.e., incorrectly labeling an authentic transaction as fraudulent).

Online payment fraud and account takeover protection should be a top priority for e-commerce merchants given the significant amount of revenue lost to cybercriminals. By using a collective intelligence network to differentiate between trusted and suspicious personas, devices and behavior, online retailers can differentiate between good and bad actors to protect transactions. Consumers must also play their part in the fight against cybercrime by taking caution when it comes to such services as those that enable the same login across multiple accounts.

Andreas Baumhof is the chief technology officer of ThreatMetrix, a provider of integrated cybercrime prevention solutions. Andreas can be reached at abaumhof@threatmetrix.com.


 

Companies Mentioned:

SPONSORED CONTENT

MORE ON E-COMMERCE >>

FROM THE BOOKSTORE

Reading The Ultimate  Insider’s Guide to Winning Foundation Grants is like peeking at someone’s  secret diary or personal email.  You feel  guilty.  This is privileged information.
Only in this case Martin Teitel WANTS to reveal everything  to you. A
 long-time foundation CEO, he’s fed up with the smoke and mirrors of  
grant seeking. Ultimate Insider's Guide to Winning Foundation Grants

Reading The Ultimate Insider’s Guide to Winning Foundation Grants is like peeking at someone’s secret diary or personal email. You feel guilty. This is privileged information. Only in this case Martin Teitel WANTS to reveal everything to you. A long-time foundation CEO, he’s fed up with the smoke and mirrors of...

ORDER NOW

One of the only books for fundraisers on monthly giving! Tips on how to make monthly giving work alongside other fundraising effortsHow to acquire monthly donors through different channels such as email, social media, direct mail, television and radioAnd much, much more! Monthly Giving: The Sleeping Giant

One of the only books for fundraisers on monthly giving! Tips on how to make monthly giving work alongside other fundraising effortsHow to acquire monthly donors through different channels such as email, social media, direct mail, television and radioAnd much, much more!...

ORDER NOW

 

COMMENTS

Click here to leave a comment...
Comment *
Most Recent Comments:

SUBSCRIBE TO eM+C Weekly

Receive our FREE Weekly
e-newsletter:
     Privacy Policy
 

RETAIL ONLINE INTEGRATION MAGAZINE:

Get Your FREE Subscription to Retail Online Integration:
Winter 2015
     Privacy Policy