2019 Chicago Fraud & Breach Prevention Summit , Events , Multi-factor & Risk-based Authentication
Compromised Credential Detection
Numerous options exist for strong authentication but, each involves introducing some form of friction into the user experience. User testing shows consumers have extremely limited tolerance for disruptions introduced by security measures, even when those measures are designed to protect the consumer, personal information and valuable assets.
Enzoic built its credential screening products with the understanding that consumers use the same login credentials across multiple sites. When a user logs in, Enzoic compares their credentials against a continuously updated database of compromised credentials. This process is behind-the-scenes and adds negligible latency to the login process.
If the user's credentials have been compromised, a range of responses can be taken: companies may force an immediate password reset, clear credit cards on the account, require an additional auth factor, or log for additional analysis. This protects the user's account and maintains enterprise security against credential stuffing and account takeover attacks launched by cybercriminals.