Overview

Account takeovers resulting from weak or stolen credentials have become one of the most common paths to online fraud, increasing in frequency at a rate of 72% year over year. As a result, SpyCloud keeps evolving its comprehensive account takeover and online fraud prevention platform to keep pace with the growth in attacks. Preventing fraud requires high confidence in customer identities, and the ability to flag accounts that are using compromised passwords. SpyCloud’s platform is backed by an ever-growing database of more than 113 billion breach assets recovered from the criminal underground – the most comprehensive breach database in the world including 20 billion plaintext passwords – against which customer identity attributes are compared. When exact-match stolen information is detected, the account is flagged for password reset or a step-up authentication process such as MFA, as defined by the company’s risk tolerance. It proactively helps companies identify potentially fraudulent activity while reducing friction and false positives.

Companies using SpyCloud treat account protection as part of the overall customer experience, which allows for seamless transactions and customer satisfaction while also preventing fraud. SpyCloud helps companies prevent account takeover, monitoring accounts for exposed Personally Identifiable Information (PII), passwords, phone numbers, and more. It stops fraud from fabricated identities by spotting user information disparities using its vast breach database, which contains data on not only legitimate users, but also criminal identities. But ultimately, it is designed to prevent fraud in a seamless, frictionless way. Friction can be avoided with periodic offline batch processing to securely identify at-risk accounts using exposed passwords. This is a common method used by SpyCloud clients to reduce friction by proactively identifying high-risk password reuse.