Akamai strenghtens protection against account abuse
Akamai launched new capabilities to its Account Protector security solution.
These enhancements are designed to safeguard user accounts against abuse throughout their entire lifecycle and provide advanced protection against account opening abuse, account takeover attacks, and other attack schemes.
The new capabilities enable organizations to protect accounts from the moment they are created, through password resets, logins, and all post-login activities. In today’s threat landscape, a single security check at login or transaction is no longer enough. To effectively stop malicious activity and abuse, it’s essential to analyze risk in real time and continuously monitor accounts throughout their entire lifecycle for signs of suspicious behavior as they happen.
“As the cybersecurity landscape evolves, so do the tactics of fraudsters,” said Rupesh Chokshi, Senior Vice President and General Manager, Application Security, Akamai. “Traditional static risk assessments at login are no longer sufficient to counter sophisticated account abuse threats. These enhancements to Account Protector provide continuous risk assessments and help customers detect subtle behavioral changes that could signal impersonation or fraudulent activity.”
Account Protector collects a broad set of risk signals from across the entire lifecycle of an account, analyzes them, and initiates automated responses that balance risk mitigation with user experience. New capabilities include:
- Lifecycle protection — Account Protector empowers organizations to evaluate user risk at any stage, from account creation to post-login activities such as account updates, password changes, and payments.
- Flexible risk management — Organizations can tailor their security measures according to risk tolerance and business objectives, adding friction for suspicious users or reducing it for trusted users at any point in the user journey.
- Advanced API operations and risk detection — New API operation purposes and risk detections have been added for critical post-login activities, including:
- Account update — Enables organizations to identify imposters who are attempting to update an account after taking over a user account
- Password change — Provides enhanced detections to identify abnormal password change after a user account takeover
- Payment — Supports secure checkout transactions or money transfers by identifying imposters who are making fraudulent transactions after taking over a user account
These new capabilities provide advanced protection against sophisticated account abuse by monitoring user behavior in real time and adapting to changing risk profiles. Businesses can now better safeguard their user’s accounts and respond to emerging risks while continuing to deliver great user experiences for trusted users.