Account Sharing: Friend or Foe?
Sharing is half the fun when it comes to many digital products.
Watching a favorite holiday movie with the whole family is a tradition in a lot of homes this time of year. Singing karaoke duets with teenage friends is big fun, too. And of course, massively multiplayer role-playing online games are the very definition of having fun with others.
Even games that used to be solo experiences are warming up to the sharing idea. For example, one well-known gaming company makes it possible for a primary digital game owner to share his or her games with friends or family members.
But account sharing can also hurt sellers of digital goods. More than 1 in 5 young adults “borrow” passwords to streaming services. Although some services allow account sharing to encourage viral growth, this freeloading may cost streaming providers an estimated $550 million by 2019. What’s more, it could become a criminal violation of the federal Computer Fraud and Abuse Act (CFAA), as court decisions continue to expand the scope of this law first introduced in the 1980’s.
Account sharing can open the door to fraud and account takeovers, too, especially in our expanding social media world. Gamers, players, and social media enthusiasts may feel safe sharing account credentials with others in their online communities. But fraudsters are known to hang out in these groups, trolling for login credentials.
And that’s where things can get ugly. It can be extremely difficult for digital goods companies to distinguish between users engaged in innocuous account sharing and fraudsters conducting criminal account takeover.
Fortunately, there are affordable, enterprise-class account protection solutions that allow merchants selling digital goods to identify fraudulent behavior at login, before fraudsters can gain entry into their networks.
These solutions accomplish this by analyzing critical data such as Device ID, IP location and velocities associated with login attempts. Below is a small sample of the types of checks that they may perform to detect and block fraudsters:
In addition, a number of account protection solutions support two-factor authentication for suspicious login attempts, such as sending SMS texts to users, posing “out-of-wallet” questions, etc. This two-factor authentication provides an additional layer of prevention that is critical to stopping today’s fraudsters armed with rich “weaponized” data from the unprecedented number of data breaches.
Account takeover and account sharing are just one of the five prevalent types of fraud attacks that target digital goods. Learn about all the others when you download the eBook “Fraud in a Digital World”, plus discover the 12 best practices to fight fraudsters targeting digital products.