New research reveals 82 percent of companies struggle with fake users, yet 43 percent admit allowing them in order to avoid friction during registration
Los Angeles (November 18, 2015) – TeleSign, the leader in mobile identity solutions, today announced new research in partnership with privacy and information security research firm Ponemon Institute revealing the costly impact of fake users to businesses and how consumers are being victimized. The Fraud Report: How Fake Users Are Impacting Business highlights the average economic value of a company’s user base ($117M) and the financial and brand reputation damage that can be done if fraudsters are allowed to create fake accounts and wreak havoc within a business and across the Internet.
This new report reveals that while 82 percent of companies struggle with fake users, 43 percent still admit allowing them into their ecosystem to avoid friction in the user registration process. Respondents reported user convenience (58 percent), cost efficiency (52 percent) and ease of use (42 percent) as the most important factors to an organization’s authentication strategy with security at a distant fourth (21 percent). Overwhelmingly, companies value ease of use over security against fraudsters, making them vulnerable to the threat of fake users. Meanwhile, cyber crime is costing the global economy hundreds of billions of dollars per year.
“Fake accounts are notorious vehicles for cyber criminals to commit abuses, from basic activities such as spam to devastating events like identity theft and account takeover. Battling these types of problems has brought a number of well-known brands to their knees and is continuing to cost businesses significant time, money and reputational capital,” said Steve Jillings, CEO TeleSign. “Despite today’s aggressive threat landscape, 64 percent of businesses still admit to prioritizing convenience over security which means fake users are being allowed in just as readily as you or me. TeleSign’s advances in frictionless account verification technology mean that those trades-offs can be a thing of the past.”
The Fraud Report shows that allowing fake users helps sow the seeds of cybercrime:
“Fake users are one of the first steps in the chain of crime, impacting consumers and businesses both directly and indirectly through acts of fraud, theft of information and control of data,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. “Through a variety of illicit acts, these cyber criminals damage the global economy to the tune of billions of dollars a year, but companies that take preventative measures can make a difference.”
Larger companies in this study have spent as much as $14 million to respond to spam or fraud committed by fake users, with an average cost of $4 million per company. A vast majority (60 percent) of those costs are being put to repair brand damage and reputational costs:
“Importantly, the data also revealed that catching bad actors at the time of account registration provides a powerful advantage to mitigating the problem, because once they’re running loose in your ecosystem they’re very difficult to catch,” continued Jillings. “Seventy-two percent of survey respondents said it’s difficult to suspend an account that has been identified as spam after the fact. This underscores the importance of having proper practices in place to prevent registration fraud, and suggests an optimal insertion point for companies to focus their efforts against fake users is the point of registration or enrollment.”
Additional findings from the Fraud Report include:
- In the past 12 months, fake users victimized 21 percent of legitimate users, resulting in organizations losing an average of nine percent of their legitimate user base.
- On average, companies estimate 10 percent of their respective user bases to be fake users, yet 65 percent of respondents also report that knowing their user base is legitimate is of great value to their leadership.
- Only 25 percent of respondents believe the traditional username and password(s) is a reasonably secure authentication method – yet 59 percent say that the use of two-factor authentication is not an option on their service.
- Sixty-nine percent of respondents believe their organization’s authentication process is difficult to manage, which directly contributes to allowing fake users to infiltrate the user base.
- The majority (54 percent) of respondents agree that a phone number is enough to stop fraudulent registrations.
TeleSign delivers account security and fraud prevention solutions, helping customers secure more than 3.5 billion online accounts worldwide based on a user’s mobile identity and driven by real-time, global intelligence, including reputation scoring and device data.
In order to prevent registration fraud and fake user accounts, without sacrificing ease of use for customers, TeleSign recommends Auto Verify, its new lightweight software development kit (SDK) that streamlines the account verification process while providing a more reliable and cost-effective method for companies.
The study surveyed 584 U.S. and 414 U.K. respondents who are involved in the registration, use or management of user accounts and hold such positions as product manager, IT security practitioner and app developer. The median revenue of companies represented in this study is $650 million.
Get interactive: Visit TeleSign.com for a full interactive experience on the key findings from the report here.
Download the report: Get The Fraud Report: How Fake Users Are Impacting Business TeleSign Fraud Report – How Fake Users Impact Business.
# # #
TeleSign is the leader in mobile identity solutions, helping customers secure more than 3.5 billion end user accounts worldwide and prevent registration fraud, while improving user experience and managing costs. TeleSign delivers account security and fraud prevention with two-factor authentication based on each user’s mobile identity (phone number, device and behavior) and driven by real-time, global intelligence, including reputation scoring and device data. To find out more, visit http://www.telesign.com or follow us on Twitter – @TeleSign.