Overview

Account takeover (ATO) is when a fraudster gains control of an account that belongs to a genuine customer. Fraudsters can then make unauthorised transactions, sell the compromised accounts on and/or scrape personal information out of the account which can be sold.

In the Ravelin dashboard you have the ability to review customer activity as account takeover, in particular orders, devices or successful logins.

Analysts should only review as account takeover when they are sure that is the case, as this information will be used by our machine learning models and inaccurate reviews could have a negative impact on the performance of the model.

Review as Account Takeover

To start an Account Takeover review you need to select the order, device or login you want to review on the customer profile and select the option "Review as Account Takeover".

On the confirmation screen you can see:

• the order, device or login selected to review
• the device associated
• any other orders placed using that device on that customer account

The confirmation screen will vary depending on the starting point of the review:

• an order - it will show the device used and also any other orders placed by that device in that customer account.
• a successful login - it will show the device used and any orders placed using that device on that customer account.
• a device - it will show any orders placed using that device on that customer account.

Once you confirm the review:

• the order/device/login selected will be reviewed as Account Takeover.
• the device used to place the order or login will be reviewed as Account Takeover.
• any orders placed on that device for that customer will be reviewed as Account Takeover.