Protecting Your Customers From Account Takeovers

For today’s post, we’re giving you an update on risk mitigation and how subscription businesses can protect themselves and their customers as they grow their subscriber bases. Specifically, we’re going to discuss the vulnerability of My Account sections — an important feature of digital subscription companies.

Account Takeovers

A key part of subscription management is the user account. This is where subscribers directly manage their subscription plans. They can update payment and contact information, upgrade or downgrade plans, contact customer support or make additional one-off purchases. Unfortunately, the convenience and personalized approach of an individual subscriber account is threatened by increasing instances of account takeovers.

According to industry experts, to minimize the threat from account takeovers, businesses must identify high-risk users during account creation, flag suspicious account changes, and monitor suspicious purchasing behavior.

For example, to minimize the risk during account creation, make sure that you have implemented a two-step verification process. This makes it more difficult for fraudsters because it means they must have access to both the email and customer account.

However, a two-step verification process doesn’t solve all your problems. What if the fraudster has access to both accounts? That’s why it’s also important to look for suspicious account changes. For example, did the customer change their email address? Was a password reset page accessed from an unfamiliar IP address? These are things that by themselves can be considered harmless, but when combined, they start to form a suspicious pattern of behavior.

Ordering patterns can also indicate fraudulent activity. If your business model involves usage based billing, what does it mean when someone with lower usage suddenly becomes a super user? When a customer usually purchases below a certain price threshold, but suddenly is purchasing big-ticket items, or when they suddenly go on a spree buying lots of lower-ticket items, you might have a fraudster on your hands.

Identifying Fraud Through Behavioral Biometrics

Of course, you have to watch out for fraud in other places besides the account section. Fraudsters are also looking to exploit areas like the shopping cart, and you have to be able to identify behaviors that indicate when you are at risk. Behavioral biometrics refers to the observation and tracking of customer shopping cart behavior while making a purchase. Important behaviors to watch out for include:

Typing speed

Here the Goldilocks rule applies — not too fast, not too slow, but just right. If you observe typing that is too fast, it could be a fraudster using a malicious bot to place orders. Typing that seems too slow suggests the user may be unfamiliar with the data they’re trying to use.

Right-handed or left-handed

Is this trait consistent across multiple orders? If a user typically indicates a preference for their right hand, but all of a sudden you see indications of a left-handed typist, you may be seeing a fraudster.


Computers and humans make different sorts of typos. Malicious bots are programmed to take huge amounts of stolen personal data and try to complete orders online. But as these bots copy and paste stolen data, they wouldn’t recognize whether they’re in the correct field or not. So, for example, a bot might try putting payment information into the email address field.

Legitimate customers make more logical mistakes, like misspell the domain name of their email address and then they press backspace to correct the typo.

Typing rhythm

Legitimate customers generally have a natural rhythm to their typing. For instance, when customers type their phone numbers, they usually pause between the number sets. For a U.S. customer, the pattern might look like this: ### (pause) ### (pause) ####.

Similarly for a credit card number, which is usually presented in four sets of four digits, a legitimate customer is likely to type the numbers in blocks of four just as it appears on the card.


In a straight forward transaction, or in a typical renewal of a subscription, your customer authorizes banks to transfer their money to you. But sometimes the data is deceiving. Sometimes the data makes it look like a legitimate customer is renewing their subscription, when in fact, that customer is not who they say they are.

Businesses need to reduce the security risks and costs associated with fraudsters exploiting sensitive customer information. Protecting customer accounts, and monitoring behavioral biometrics all have very real effects on your bottom line. Make sure your business is protected by trained individuals armed with the latest in fraud prevention tools and techniques.

Alyse Serritella is the Fraud Prevention Team Leader at cleverbridge.

Adrienne Pollitz and Truc Nguyen contributed to this article.

Further reading