Last night, password management company LastPass notified users in a blog postthat it had been the target of a hack that accessed users’ email addresses, encrypted master passwords, and reminder words and phrases the service asks users to create for those master passwords.
In general, we are not a fan of password management tools. While they provide convenience, a central repository of any sensitive data is always going to garner greater attention from hackers.
In my experience as a fraud prevention consultant, I constantly have discussions with financial institutions and with different profiles of fraud prevention managers. Each with its own way of visualizing fraud and thus its own strategy to reduce it. The fact is that regardless of the institution and the fraud managers' profile, there are three key considerations to be given before deciding how to deal with fraud, keeping in mind that it is virtually impossible to eliminate. Read more
The latest release of Easy Solutions’ DetectID authentication platform has enhanced its push authentication technology to include more options and features, making it the most convenient, intelligent and trusted mobile two-factor solution on the market. The new features in this latest version include: Read more
We’ve rolled out some new updates to our DetectID product line, including updates to our push authentication to provide you with a more secure and streamlined two-factor experience. Read more about a few of the updates below:
QR Code Registration Option
DetectID now offers device registration using QR codes for soft token and push authentication. QR Code generation and delivery is supported on the iOS and Android platforms through an SDK or the DetectID app. The QR Code is scanned automatically, using the camera on the device, and the token is immediatelyimported and ready to use for receiving instant push authentication messages.
Mobile Banking offers considerable promise for true interaction with customers as well as key differentiators to attract gen Y consumers. Simple and stronger authentication is key to manage risk and to ensure continued success in the mobile market.
The first generation of strong authentication for mobile typically utilized the same authentication factors as the online banking channel. This approach was mostly driven by the need to go to market quickly and also cost considerations. The most common method at that time was to use traditional static challenge questions.
A year after the Twitter-AP event, new security vulnerabilities and breaches (Heartbleed, Target, to name a few) continue to be in the weekly headlines. Organizations affected by those events have taken some measures to prevent them from happening again, and the largest financial services companies are investing heavily in cyber security. JPMorgan Chase, the nation’s largest financial institution, recently announced they are investing in additional layers of security, to the tune of $250 million annually and 1,000 people dedicated to the effort. Other organizations with high-value data and assets should follow that trend, and make a real assessment of their current solutions to see if they really help them combat cyber attacks and fraud in an effective way.
Ever since banks began issuing credit and debit cards, criminals have been intent on stealing this valuable data. Despite the concerted effort on behalf of the financial services industry to stem the tide of card theft, the fraudulent use of payment cards continues to cost the industry billions of dollars every year in losses. But a host of new behavior detection technologies -- coupled with Big Data analysis – are helping to turn the tide in favor of financial institutions intent on protecting their customers’ personal payment information. Read more
A large, national mutual savings and loan association, founded in 1971, is in the business of providing financial services to help families begin saving for large purchases. Today, the organization processes transactions for hundreds of thousands of clients. Read more
In light of Twitter’s recent decision to offer two-factor authentication, many have noted that phone-based authentication is impractical for enterprise twitter users, many of whom rely on multiple individuals to manage a single enterprise account. While a noble gesture, it is both impractical but also not as secure as many may think. So what should Twitter do? Why not look to a group of companies who have long had a need to authenticate their users before enabling transactions - banks. Read more