Despite increased use of two-factor authentication and biometrics, passwords are still the most common form of authentication. However, when most breaches are caused by weak, stolen, or reused passwords, it's clear passwords pose significant risks that can't be ignored.
From potential security breaches to increased...
Although the Reserve Bank of India mandated that banks complete the shift from magnetic stripe debit and credit cards to EMV chip-and-PIN cards by Jan. 1 to help reduce fraud, there's still plenty of work to be done.
German police arrested a 20-year-old student - living at home with his parents - who they say confessed to leaking contact details and sensitive information for an estimated 1,000 German celebrities, journalists and politicians, including Chancellor Angela Merkel.
Account takeover is a rapidly growing arena for
cybercriminals. How can organizations strengthen
both authentication and authorization?
Download this white paper to learn more about:
Why account takeover fraud is a growing and strengthening problem;
How organizations can strengthen authentication and...
Leading the latest edition of the ISMG Security Report: Microsoft's Joram Borenstein highlights his top three areas of focus for 2019. Plus, Randy Vanderhoof of the US Payments Forum on securing card transactions in the coming year.
With the Cosmos bank attack still fresh in memory, some security experts are urging the Reserve Bank of India to take immediate steps to upgrade the security capabilities of banks. For example, they want banks to do away with user-based one-time passwords delivered via text messages.
The latest version of the NIST Cybersecurity Framework - Version 1.1 - includes more information on supply chain risk management, authentication, authorization, identity proofing and self-assessing cybersecurity risk management, says Matthew Barrett of the National Institute of Standards and Technology.
In an interview, Rohas Nagpal, a chief architect at Primechain Technologies, describes how blockchain can be used for authentication and pinpoints areas where blockchain is not the ideal technology. He'll be a featured speaker at ISMG's Security Summit in Mumbai Thursday.
A database security blunder revealed on Friday serves as a reminder that the days of SMS-based authentication should be over. The exposed database, which wasn't protected by a password, contained 26 million text messages, many of which were two-step verification codes and account-reset links.
Is it realistic to think the end of our dependency on traditional user names and passwords is in sight?
While user names and passwords may not be phased out in the near-term, eventually there will not be online services that have anything of value that don't offer multiple types of two-factor authentication....
French film production and distribution company Pathe fired the two senior managers overseeing its Dutch operations after they fell victim to a business email compromise scam and approved $21 million in transfers to fraudsters. Many organizations remain at high risk from such scams.
By establishing a trusted digital relationship with users, insurers can enable legitimate consumers to apply for new policies and legitimate providers and insurance professionals to log in to their accounts without onerous authentication requirements, while requiring users identified as high risk to fulfill additional...