A new report about how fraudsters commit account takeover fraud (ATO) attacks was released by GIACT, an identity fraud and payments solution. Entitled “U.S. Identity Theft: The Stark Reality”, the report states that 47% — nearly half — of US consumers experienced identity theft in 2020. It is a startling wakeup call to the industry about the scope of the account takeover fraud problem.
Additional highlights from the report include:
- The U.S. experienced $712.4 billion in identity theft losses in 2020 — a 42% YoY increase (up from $502.5 billion in 2019);
- Nearly half (47%) of U.S. consumers surveyed experienced identity theft over the past two years;
- Over one-third (37%) experienced application fraud (i.e., the unauthorized use of one’s identity to apply for an account) over the past two years;
- Over one-third (38%) experienced account takeover over (i.e., unauthorized access to a consumer’s existing account) over the past two years.
Merchants Fail to Notify Account Takeover Fraud Victims
In addition to the scope of the problem, the report shares startling statistics about merchants’ response to the theft of their customers’ payment information. Just 25% of victims learned of the theft from the merchant.
In a press release, Shirley Inscoe, senior analyst for Aite Group’s Fraud & AML practice, highlighted the importance of this finding.
“This report represents one of the most comprehensive recent reviews of identity theft and account takeover, and marks an inflection point for the industry,” she said. “2020 not only saw an increased reliance on digital banking, payments and online accounts, but also increased rates of fraud. Without meaningful action taken by businesses, financial institutions and others, fraud will unfortunately continue to flourish. Education, along with the implementation of enhanced anti-fraud protections, is needed.”
In the press release, Melissa Townsley-Solis, Head of GIACT, stressed that given the increasing threat and potential consequences, there is an increasing need for merchants to improve their approach to fraud prevention.
“Identity theft has become significantly more evolved and sophisticated over the past few years. Businesses and financial institutions must keep up,” she said. “To combat fraud, they will have to ramp up their customer authentication process by monitoring and validating their consumers at every touch point, throughout the customer lifecycle. And with so much personally identifiable information already exposed and publicly available, they will also have to improve and diversify the types of data being used.”