Beyond MFA: Building a User-Centric Authentication Strategy That Stops Attacks

Logo
Presented by

Ashish Jain - Chief Technology Officer, Arkose Labs

About this talk

Understand the evolving state of the payments industry and see how you can offer better customer experiences with the latest tech practices. In the payments industry, providing “good users” with as frictionless of an experience as possible is a top priority for fraud & identity teams. Alongside fraud metrics, they are measured on new registration/growth numbers, sign-in completion rate, and transaction conversion rate. Yet the strongest authentication options, such as SMS, push notifications, and biometric authentication, to protect against fraud also increase user abandonment. Authentication today cannot be one size fits all to meet user needs at various engagement stages and keep up with the latest tactics of ATOs, fake accounts, and abuse. The digital transformation requires a full funnel approach that starts at registration and login pages and works downstream like attackers do. In this session, we’ll explore how to defend against the latest attack tactics while building a user-friendly authentication strategy. Come ready to learn: - How to understand Dark Web techniques, open-source tools, and services fraudsters to deploy ATO and more - How account security measures at the top of the funnel can help optimize a user-friendly payment experience - What a comprehensive authentication journey looks like - How a combination of active and passive authentication can effectively stop attackers while minimizing good user friction

Related topics:

More from this channel

Upcoming talks (3)
On-demand talks (81)
Subscribers (3231)
Arkose Labs is the global leader in providing account security and bot management. The company’s unique detection and mitigation platform stops bad actors from attacking a consumer’s login and/or sign-up function on a B2C company’s website and app. Arkose Labs detects the most prevalent and costly types of online attacks today: credential stuffing, account takeovers, fake new account registration, phishing, IFRS, etc.