Accertify's Attack State: A Proactive Shield for the New Fraud Front Line

ITASCA, IL – March 13, 2026 – In a move to redefine digital account security, unified risk decisioning firm Accertify has unveiled Attack State, a new capability designed to protect the most vulnerable entry point for modern businesses: the customer login. The solution aims to shift the paradigm from reactive fraud cleanup to proactive threat prevention by identifying large-scale, automated attacks before they can result in compromised accounts and financial loss.

As businesses have fortified their payment gateways, cybercriminals have shifted their focus upstream to the customer account itself. This digital front door has become the epicenter of a new battleground, where coordinated login attacks like credential stuffing and account takeovers (ATOs) are rampant. Accertify's new technology directly confronts this reality by offering a sophisticated layer of intelligence at the very start of the customer journey.

The New Front Line: Securing the Digital Doorstep

The threat is no longer theoretical; it's a pervasive and costly reality for businesses across all sectors. Account takeover fraud has ballooned into a massive problem, costing merchants an estimated $38 billion in 2023, with some projections showing that figure could soar past $90 billion by 2028. The frequency of these attacks is just as alarming. Recent security reports indicate that virtually all organizations—99%—were targeted by ATO attempts in 2024, with attacks increasing 24% year-over-year.

The primary weapon in these campaigns is automation. Using botnets, attackers launch credential stuffing attacks, where they test millions of stolen username and password combinations—harvested from countless third-party data breaches—against a company's login portal. While the success rate of any single attempt is minuscule, often as low as 0.1%, the sheer volume means thousands of accounts can be breached. Once an account is compromised, the damage can range from fraudulent purchases and drained funds to data theft and reputational harm that erodes customer trust. For many companies, the first sign of an attack comes only after a customer reports a problem, by which point the damage is already done.

Traditional security measures like static rules or simple IP-based rate limiting have proven insufficient against these sophisticated, distributed attacks that often mimic legitimate human behavior. This has created a critical market need for a more dynamic and intelligent defense system that can identify the subtle signals of a coordinated campaign in real time.

A Proactive Shield Against Coordinated Attacks

Accertify’s Attack State is engineered to be this proactive shield. Instead of waiting for fraud to occur at checkout, the system continuously analyzes an organization’s entire login ecosystem—across web, mobile, and API environments. It establishes a dynamic baseline of what constitutes normal traffic and user behavior for that specific client.

When a deviation occurs, the system flags it as a potential anomaly. This could be a sudden spike in login attempts from a new geographic region, a surge in activity from unfamiliar device types, or other subtle patterns that are invisible to the naked eye but indicative of a bot-driven campaign. By comparing real-time activity to this finely tuned baseline, Attack State determines when an organization's environment is under active attack.

This approach allows Accertify's machine learning models to adapt instantly. During a detected attack, the system can differentiate between malicious bots and legitimate customers, allowing good users to proceed without friction while automatically blocking bad actors. This prevents the frustrating scenario where security measures lock out valid customers during a security event.

“Customer accounts are one of the most valuable targets for attackers today,” said Andy Mortland, senior vice president of product and development at Accertify. “This is why we must broaden fraud controls beyond the point of checkout alone. Organizations need visibility into signals across the entire customer journey, from login activity to transactions to post-purchase. Attack State is an example of the power of taking a holistic, platform approach to fraud, one that connects early attack signals with downstream fraud decisioning, giving fraud and cybersecurity teams the context they need to respond faster and protect customer accounts.”

Bridging the Divide for a Unified Defense

One of the most significant strategic advantages offered by the new capability is its potential to dismantle internal silos between fraud prevention and cybersecurity teams. Historically, these departments have operated with different tools, metrics, and mandates. Cyber teams focused on perimeter defense and network integrity, while fraud teams concentrated on financial transactions. Attackers have long exploited this gap.

Attack State provides a common operational picture, surfacing alerts and rich contextual intelligence that are relevant to both groups. Cybersecurity teams gain early visibility into coordinated campaigns targeting their infrastructure, allowing them to monitor system performance and adjust perimeter defenses. Simultaneously, fraud teams receive an early warning of a potential spike in ATOs, enabling them to prepare for downstream fraud attempts before they materialize. This trend toward a “Cyber-Fraud Fusion,” a concept noted by industry analysts at Gartner, is seen as essential for mounting an effective defense against modern cybercriminals who operate across these traditional boundaries.

By providing a shared source of truth, the platform facilitates a more integrated security strategy, turning a fragmented response into a coordinated, holistic defense that is stronger than the sum of its parts. This not only improves security posture but also drives operational efficiency, reducing the time spent on manual reviews and investigations.

Navigating an Evolving Threat Landscape

Accertify enters a competitive field where firms like Sift, Forter, and Arkose Labs are also deploying advanced AI and behavioral analytics to combat account-based fraud. The industry-wide focus on the login and account lifecycle underscores the severity of the threat. However, Accertify is leveraging its deep expertise in payments and its vast network of curated data to differentiate its approach. The emphasis is on connecting pre-transaction signals with post-transaction outcomes, providing a complete view of risk across the entire digital journey.

The launch is timely, as experts warn that the threat is set to become even more complex. The rise of sophisticated AI agents is expected to accelerate ATO attacks, automating more steps of the process and making detection even more difficult. Solutions that rely on adaptive, machine learning-driven models will be critical for organizations to keep pace with these evolving tactics.

Accertify plans to showcase the new capability at the upcoming MRC Vegas 2026 conference in March, where it will hold a workshop titled, “Protecting Accounts Before Fraud Reaches Checkout,” signaling its commitment to educating the market on this critical shift in security strategy.