

The defi Team defi INSIGHT, Fraud

account takeover fraud prevention

Data breaches, identity theft, and account takeovers (ATO) are unfortunate realities of digital commerce. Personally identifiable information (PII) obtained from breaches enables identity theft. Phone scams, phishing attacks, and identity theft are the schemes most frequently used to perpetrate account takeovers. 


In an account takeover, an individual or well-organized cartel obtains access to a consumer’s account, changes login credentials or personal data, then makes unauthorized transactions using that account. Unauthorized purchases, transfers of funds, and cancellation of payments can quickly lead to financial ruin for the consumer and reputational damage for the business that failed to prevent it.


Carelessness and Contrivances Grant Account Access

Account information is obtained either through sheer negligence on the part of consumers or through sophisticated schemes perpetrated by fraudsters. Here are a few of the most common scams:


  • Printed account information left in the trash or stolen from mailboxes, wallets, and purses. 
  • Account information unwittingly provided via phone or email (phishing) to a fraudster posing as a representative from one of their financial institutions.
  • Malware surreptitiously installed on a computer or mobile device captures login IDs and passwords, SSNs, email addresses, and bank account routing information.
  • Takeover on one account provides access to information that enables the takeover of additional accounts.

Once this information is obtained, the fraudster can log in, change the password and other account information, and begin to use the account to their advantage.



Lenders’ Concerns: AFT Cancellations and Unsecured PII

Two aspects of account takeover fraud should concern lenders. The first is the cancellation of automatic fund transfers (AFT) used to repay loans: fraudsters who take over accounts want to use those financial resources for their own benefit, not to pay borrower debt. The second is that fraudulent access to PII maintained by a lender can pave the way for takeovers of other accounts.


Consumers are usually the first to realize they’ve been the victims of account takeover fraud by way of unauthorized charges on monthly statements, depleted accounts, or notices of insufficient funds. However, for consumers who don’t check their accounts as often, lenders may be the first to realize the problem as a result of AFT failure due to insufficient funds or intentional cancellation of the monthly transfer.

Account Takeover Fraud Prevention

Lenders need to ensure that borrower data is securely maintained—data encryption is the answer—and that any changes made to account information are verified. Account takeover fraud prevention involves a multi-faceted approach employing fintech capabilities and data sources that greatly reduce the risk of takeovers.


Account takeover fraud prevention requires careful monitoring of any changes made to the borrower’s personal and financial data maintained by the lender. Did a legitimate, authorized borrower modify the information, or did a criminal just take over the account?


Lenders have more control than ever in monitoring and authorizing changes in account information. Fintech analytic capabilities and data sources that provide ever-increasing volumes of detailed and accurate consumer information give lenders greater confidence in identity verification and validity of account information changes.


Identity – verify that an individual is authorized to make account changes by employing one or more of these methods:


  • Provide 2-factor authentication by sending an authorization code to another device or alternative email address.
  • Issue an alert to initiate an immediate investigation if the device, IP address, or geographic location differs from established online interactions. 
  • Pose knowledge-based authentication challenges such as the number of pets, first car, or favorite food to verify identity.

Plausibility of Changes – analyze information changes for subtle or overt indications of potential fraud by determining if:


  • Changes such as address, email, phone, or employment indicate potential risk and need to be verified before accepting the changes.
  • Account information changes match known account takeover patterns or behaviors.
  • A comparison of old and new information reveals a high-risk behavior.
  • Automated notification via alternative email or SMS for any requested changes to account information.
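
The identity and plausibility checks listed above can be combined into a single review step for each change request. The following is an added example, not code from defi SOLUTIONS or any product the article mentions; the class names, field names, and decision labels are hypothetical, and the rule that a contact change combined with an AFT cancellation is held for investigation is an assumption drawn from the concerns described earlier in the article.

```python
from dataclasses import dataclass, field

SENSITIVE = {"address", "email", "phone", "employment"}  # verify before accepting
CONTACT = {"email", "phone"}                             # channels used for alerts

@dataclass
class Profile:                      # hypothetical record of what the lender has on file
    known_devices: set
    known_countries: set
    data: dict
    recent_changes: set = field(default_factory=set)  # fields changed in earlier requests

@dataclass
class ChangeRequest:                # hypothetical change request
    device_id: str
    country: str
    changes: dict                   # field -> requested new value
    cancel_aft: bool = False        # also cancels the automatic fund transfer

def review_change(profile, req):
    """Return (decision, reasons, notify_targets) for one change request."""
    changed = {f for f, v in req.changes.items() if profile.data.get(f) != v}
    sensitive = sorted(changed & SENSITIVE)
    anomalous = (req.device_id not in profile.known_devices
                 or req.country not in profile.known_countries)
    # Pattern from the article: contact data changes, then the AFT is cancelled.
    pattern = req.cancel_aft and bool((changed | profile.recent_changes) & CONTACT)
    checks = [
        (anomalous, "device or location differs from established interactions"),
        (bool(sensitive), "sensitive fields changed: " + ", ".join(sensitive)),
        (CONTACT <= changed, "all contact channels replaced at once"),
        (pattern, "AFT cancellation following a contact change"),
    ]
    reasons = [msg for hit, msg in checks if hit]
    decision = "accept"
    if pattern or (anomalous and sensitive):
        decision = "hold_and_investigate"
    elif sensitive or anomalous or req.cancel_aft:
        decision = "step_up_auth"   # e.g. one-time code to a device already on file
    # Notify the contact values on file before the change, never the new ones.
    notify = [profile.data[f] for f in sorted(CONTACT) if f in profile.data]
    return decision, reasons, (notify if changed or req.cancel_aft else [])

# Constructed sample data, not taken from any real account.
ON_FILE = {"email": "pat@example.com", "phone": "+1-555-0100", "address": "1 Main St"}
BORROWER = Profile({"dev-1"}, {"US"}, ON_FILE)
SUSPECT = ChangeRequest("dev-9", "CA", {"email": "x@example.net", "phone": "+1-555-0199"}, True)
ROUTINE = ChangeRequest("dev-1", "US", {"address": "2 Oak Ave"})
```

Notifications go to the email and phone held before the change, so a fraudster who has just replaced them does not receive the alert in place of the borrower.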

Fintech innovations allow lenders to verify the identity of borrowers and analyze the plausibility of account information changes by:


An automated approach to account takeover fraud prevention allows lenders to consistently apply fraud detection and prevention technology to raise the barrier to ATOs while allowing legitimate borrowers to change their information with minimal inconvenience.


Getting Started

defi SOLUTIONS provides configurable loan origination systems, loan management and servicing, analytics and reporting, and a wide range of technology-enabled BPO services. Contact our team today or register for a demo.

