As more companies move away from passwords toward behavioral biometrics, they face new challenges, says Rajiv Dholakia, vice president, products at Nok Nok Labs. "There are no standards as such in this area on how the information is collected, how it's stored and how it's processed," he says.
The National Payment Corporation of India, the umbrella organization for all retail payments systems, has asked banks to discontinue Aadhaar-based payments through Unified Payments Interface and Immediate Payment System channels.
The issue of access management and vulnerable software applications has come back to haunt the Unique Identification Authority of India which manages the Aadhaar database containing biometrics and personal information of over 1 billion Indians.
The new India Post Payments Bank will take banking to the doorstep by using India's mammoth network of post offices. Postmen will perform digital transactions on their phones. That's raising concern among security leaders, who recommend adopting defense-in-depth security.
UIDAI, which administers the Aadhaar program, has some simple advice: Avoid behaviors such as what R.S. Sharma, chairman of the Telecom Regulatory Authority in India, did on Saturday, when he tweeted his Aadhaar number.
Silicon Valley employees are increasingly calling on executives to restrict the use of facial recognition technology, mobilized in part by the U.S. government's previous policy of separating children from parents at the border. Experts say facial recognition regulations are needed - and quickly.
Numerous technology firms now offer facial biometrics recognition search tools for big data sets. But information security expert Alan Woodward warns that these big data sets must be "considered and regulated very heavily" or else we'll be "living in 1984 without knowing it."
The entire approach toward Aadhaar security needs to change to address problems on the users' end, rather than focus on the UIDAI's core database, contends Na. Vijayashankar, a cyber law expert. He'll be a featured speaker at ISMG's Fraud and Breach Prevention Summit in Bengaluru.
Hot cybersecurity trends under discussion at this year's RSA Conference include artificial intelligence, facial recognition, protecting not just data but also knowledge, as well as rapid data breach response, says Chris Pierson, CEO of Binary Sun Cyber Risk Advisors.
The Unique Identification Authority of India has taken the next step toward adding an extra layer of security to protect Aadhaar data, a move that some security leaders are welcoming in light of recent Aadhaar-related data leaks.
Those concerned about the security of India's Aadhaar biometric ID are pleased that the Supreme Court has ruled that linking Aadhaar numbers to bank accounts, payment cards and mobile phones cannot be mandatory until security issues are adequately addressed.
The arrest of 10 men in Uttar Pradesh for allegedly cloning fingerprints of authorized Aadhaar enrollment officers is once again stirring debate over whether it's wise for India to rely so heavily on Aadhaar for authentication.
Security practitioners in India need to have a better perception of threats and risks to build successful detection and defense strategies. That was one of the key lessons offered at ISMG's Fraud & Breach Prevention Summit in Bengaluru June 7.
DSCI is working with the FIDO Alliance in an effort to eliminate the use of passwords for authentication in India. But some security practitioners question whether that's a realistic approach that will prove effective. go