Authentication

Continuous Identity Assurance Allows You To Step Away

Have you ever wondered how do applications know if “its still you” 10 minutes after you log in to the app? Suppose you have to join a conference call, leave for a meeting, or take a bio break. As far as the app is concerned, since you haven’t performed any activity for a given period…

LinkedIn Breach: The Death of Passwords Has Finally Arrived

The headline screamed at me this morning when I opened my inbox, “117 million LinkedIn user credentials compromised.”  I had no reaction as I went to get my first cup of coffee.   Credentials have become a commodity to hackers and are sold widely and cheaply in different venues—both in the deep-and open-web.   Stolen credit cards…

Next-Generation Authentication: Addressing Changing Compute Paradigms

To achieve optimal security in today’s rapidly evolving computing environment, companies are turning to sophisticated authentication mechanisms. Next-generation authentication is identity and access validation that adapts to protect assets against both static and continuously changing variables. This type of authentication needs to accommodate the following: The burgeoning of bring-your-own-device (BYOD) trends The growing reliance on…

3D Secure Innovations: New Analytics Dashboard Helps Improve Response to Fraud

The 3D Secure protocol has been much (and somewhat unfairly!) maligned for the negative impact it has on the cardholder’s online experience. Requiring cardholders to produce their password each and every time they try to transact on a participating merchant site significantly disrupts purchase flow. Adding friction to the online checkout process leads to cart…

Making Smart Choices for Identity Assurance

Good news: in 2015, device makers, OS providers and authentication solution providers all picked up their momentum on initiatives tackling user authentication challenges. Cases in point: the support of fingerprint sensors in Google Android M, the proliferation of Apple Touch ID supporting solutions, Microsoft Windows 10 multi-method biometric support, Samsung’s fingerprint enabled devices, and the…

Ransomware Rules for Payment: Do Extortionists Have the Advantage?

When an entire health system fell prey to cybercriminals and medical records were locked up by a ransomware attack in early February, there seemed no choice but to pay the sum demanded in order to avoid the impact on patient care: $17,000 in 40 Bitcoin.   And in that single moment, one hospital became the obligatory…

Authentication: One Size Does Not Fit All

I’ve been coming to the RSA conference on and off (mostly on) for more than 15 years, and each year there seems to be more strong authentication vendors demonstrating new and interesting approaches to authenticating end users. At RSA, we track and test these different approaches to find the best ones for integration into our…

Biometrics: A Next-Generation Authentication Mechanism

The days of username and password combinations are coming to an end as next-generation authentication mechanisms come of age. Faced with having to remember old-style credentials for an ever-wider range of applications, most users have resorted to insecure password management practices such as writing down credentials. This is especially the case when using complex passwords…

Beyond the Login: Web Behavior Analytics Helps Retailers Stop Fraud

In a world of scammers, fraudsters and bad actors, there are two immutable rules thoroughly entrenched in the consciousness of IT professionals trying to stop them.  Rule 1: If there is something to monetize, cybercriminals will find it.  Rule 2: If you have a loophole or weak control on your website, cybercriminals will find it.…

Context-Based, Next-Generation Authentication: Key Traits and Endurance

When analyzing a particular component within a security ecosystem, it is always useful to first take a drone’s-eye view of the system. This strategy can be used to map precisely where within the infrastructure the component may be deployed most efficiently. Where is its mission critical? Where can it profitably replace an alternative? Where will…