The report is based on 17 billion digital transactions on the ThreatMetrix Digital Identity Network (“the Network”) during the second half of 2018, with 61 percent of digital transactions originating from a mobile device.
The most noticeable growth in mobile attacks is on account logins, as fraudsters attempt to infiltrate user accounts by brute force (using mobile bots) or stealth (using mobile remote access attacks). This contributes to the 107% growth in mobile account takeovers in comparison to H1 2018, despite the fact that overall attack rates are low. In some regions, fraudsters are shifting focus from desktop to mobile attacks. North American financial services companies saw a 48% year-over-year growth in attack rates, and a 116% increase in mobile transactions, with a 35% increase in mobile attacks.
The Network also detected and stopped 2.1 billion bot attacks on ecommerce merchants, a 142% growth compared to the same period last year. Account logins in ecommerce are much more desktop based, with 69% of logins via desktop.
In the ecommerce sector, although sophisticated attacks have actually dropped during H2 2018, the impact of high-volume automated bot traffic continues to disrupt the industry. Identity-testing bot attacks often make up considerably more of an ecommerce merchant’s daily transaction volume than good traffic, making a low-friction online experience for trusted customers all the more challenging for merchants to provide.
One of the key challenges for ecommerce merchants, particularly during busy holiday shopping days such as Black Friday and Cyber Monday, is balancing optimized customer experience and low-friction authentication, while also maintaining effective fraud control. At times, this might mean accepting a higher percentage of fraud to accept more genuine orders from good customers.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now