About Uni Cards

Uni Cards is a fintech company with a mission to change how people interact with credit. The company offers branchless credit cards with competitive cashback, additional rewards, no foreign currency transaction fees. By reimagining existing credit product offerings and delivering an unmatched credit experience to millions of Indians, Uni is disrupting how traditional credit card products work.

The challenge

Uni Cards faced a serious account takeover issue where customers were tricked into sending their one-time passwords (OTPs) to fraudsters, giving them access to their accounts. Once the fraudsters had access to the accounts, they also were able to obtain valuable data, including personally identifiable information, as well as credit card and CVV numbers.

OTP (One-time Password) Requirements 

At the time of this writing, financial regulations in India required OTP for online financial transactions, so removing OTP for another authentication method was not an option. With account takeover attacks happening frequently, Uni Cards needed additional security methods to layer on top of their current OTP solution to prevent unauthorized access to customer accounts. 

Before Fingerprint: The rising cost of fraud 

Before implementing Fingerprint, Uni Cards experienced close to 6.5 million Indian rupees (~$78,000 USD) worth of fraudulent transactions due to successful account takeover incidents. Coupled with the potential damage to their brand, this meant significant action needed to be taken to reduce account takeovers happening on their platform. Account takeover fraud also seeped into other areas of Uni Cards’ business, delaying new product development and slowing growth.

Why Fingerprint

The Uni Cards team evaluated several identification vendors in their search to add an additional layer of security on top of their OTP system. They landed on Fingerprint, stating that the identification accuracy and short implementation time were a couple of the factors in their decision. Uni Cards implemented Fingerprint’s visitor identifier to bolster their defenses against account takeover attacks. 

Uni Cards uses Fingerprint’s visitor identifier to identify the devices customers use to download and sign up for their app. If more than two users come up for a single device, that device is automatically blocked. After implementing Fingerprint, Uni Cards found that around 0.5% of customers who start onboarding get rejected daily, and the false positive rate is less than 1%.

Key takeaways

Fingerprint was the solution that Uni Cards needed to detect and prevent account takeover attacks that were costing them millions of rupees per month. With Fingerprint’s 99.5% accurate visitor identifier and easy implementation, they were able to get up and running quickly — enabling them to reallocate resources to grow and scale instead of constantly battling fraudsters. 
 
Interested in learning more about how Fingerprint can help you prevent ATO attacks? Get in touch with us for a personalized demo or sign up for a 14-day free trial.