Last week was not only a big launch week for Verosint, but it was also the Gartner IAM Summit where we had the chance to connect live and in-person with many of our identity security integration partners, Gartner analysts and future Verosint customers. The event took place in Grapevine, Texas - and it's true, everything IS bigger in Texas including the Gartner IAM Summit with 40 insightful speakers and over 100 exhibitors!
Gartner’s Akif Kahn Understands Account Fraud
At the conference, those getting acquainted with the problem of online account fraud, were attending sessions with Akif Kahn, VP Analyst at Gartner. He was doing his part to bring awareness to this issue and help educate the IAM community with two dedicated sessions on the topic, including:
- Why Is It So Hard to Prove Someone's Identity Online? Akif presented use cases, tools and future considerations. He focused on identity assurance, identity proofing, digital footprints, identity graphs and orchestration as key concepts that are central to account fraud detection and prevention.
- Stopping Account Takeovers. In this session, Akif examined the risks and consequences of account takeovers. He explained how they work, explored the various attack vectors used and shared ways to stop an account takeover before and during the user journey with account takeover with an ATO prevention stack and journey orchestration.
6 Takeaways from Gartner IAM Summit
It is clear that account fraud, including account takeovers and new account openings, is a growing concern for Gartner clients these days. The increased focus on ATO and account fraud is welcome, as is the recognition that this growing threat is different from transactional fraud which most online businesses have been focused on, until now. Here are 6 key things I took away from the event last week:
- Convenient yet trusted account protection for customers is important. Customer identity management or CIAM was a hot topic at the Summit, but after talking to several customers, it’s evident that there continues to be fewer solutions for businesses that can protect their customers when compared to the solutions focused on workforce identity security. The more secure but higher-friction tools being used in workforce IAM just aren’t viable options for UX-sensitive, customer-facing engagements. Account fraud in CIAM scenarios results in monetary losses, customer churn and reputational damage and is quickly becoming top of mind for businesses of all sizes.
- A layered approach is needed. For those without a home grown IAM platform underpinning their security architecture, they are likely using tools like Auth0, Ping Identity or Forgerock to authenticate users into the websites and applications. But it’s clear that MFA bypass and MFA fatigue are becoming concerns, so those customers are seeking additional ways to identify a risky user or account before it can do irreversible damage. That’s where account fraud prevention and detection comes in. Gartner talks about identity proofing, verification and fraud integration as key capabilities that will become more important.
- ITDR is a growing trend in IAM. Identity threat detection and response (ITDR) is the latest buzz in IAM, fueled by a Verizon report revealing that 61% of data breaches in 2021 were caused by stolen credentials. To stay ahead of cyberattacks, Gartner’s Senior Director, Analyst, Henrique Texeira, advises integrating ITDR capabilities into security infrastructure. Technology like Verosint’s can streamline identity-based breach investigations, improving the detection of account takeovers and credential abuse. It also orchestrates the proper security flows to encourage additional friction when risk is present.
- Account fraud is landing squarely into the IAM category. It’s clear that account fraud is a different challenge than transactional fraud which most online businesses have been uber-focused on, until now. It requires a focus on identity data vs payment transaction history. And, an account takeover and other types of account fraud can cause damage going beyond financial loss spreading across customer experience, brand reputation, operational costs as well. Identity data is the right data to protect since user credentials are the keys to the kingdom when it comes to digital business.
- Account takeover (ATO) is the most concerning type of account fraud. Account fraud, including new account openings and account takeovers, are permeating a large portion of Gartner client concerns these days. And, according to the Garnter analysts taking hundreds of account fraud inquiries last year, ATO is the main type of "account fraud" getting the most inquiries.
- Creating a seamless user journey is paramount to long term success. The balance between security and customer experience is very important to online business. Akif Khan, VP analyst at Gartner, stressed orchestrating the entire process of identity proofing, authentication, access management and fraud detection to harmonize them into a seamless journey for the user.
Account Fraud Detection and Protection Is Here
The event was well worth our time. We were encouraged with each conversation that there is a strong need for our new account fraud detection and prevention platform in the fight against account fraud. The best thing about Verosint’s solution is that it is easy to implement and quick to deploy. It can be up and running adding that additional layer of protection in a matter of hours. To learn more and start a free 14-day trial, request a demo of Verosint today!