Securing Remote Access With Risk-Based Authentication

Data Breach Today

Implementing an adaptive, risk-based authentication process for remote system access is proving effective as more staff members work from home during the COVID-19 pandemic, says Ant Allan, a vice president and analyst at Gartner

Amazon's Ring Mandates Two-Factor Authentication

Data Breach Today

Company's Action Follows Similar Move by Google Nest Amazon's Ring is mandating the use of two-factor authentication for all users, a move designed to help stop creepy takeovers of the web-connected home security cameras.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Using Blockchain for Authentication

Data Breach Today

In an interview, Rohas Nagpal, a chief architect at Primechain Technologies, describes how blockchain can be used for authentication and pinpoints areas where blockchain is not the ideal technology. He'll be a featured speaker at ISMG's Security Summit in Mumbai Thursday

The Vision for Omnichannel Authentication

Data Breach Today

Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions

2020 Database Strategies and Contact Acquisition Survey Report

As buyer expectations continue to heighten, marketing and sales teams are feeling pressured to deliver authentic messaging to buyers at every point of their customer journey. This report aims to highlight the current state of B2B database and contact acquisition strategies, and organizations’ goals to leverage data to fuel their go-to-market strategies in 2020 and beyond.

Mobile Malware Bypasses Banks' 2-Factor Authentication: Report

Data Breach Today

IBM Researchers Describe How 'TrickMo,' a TrickBot Variant, Works A variant of the TrickBot Trojan bypasses two-factor authentication for mobile banking, for example, by intercepting one-time codes sent over SMS, according to IBM X-Force

BlueZone Web: Multi-factor authentication

Rocket Software

your organization can now lean on multi-factor authentication (MFA) to secure HTML5-based terminal emulator access. BlueZone web allows users to have their first point of authentication as an internal user, LDAP registered user or MS SQL User. The multi-factor authentication market is expected to reach 21 billion USD by 2025. The post BlueZone Web: Multi-factor authentication appeared first on The Rocket Software Blog.

FBI: Cybercriminals Are Bypassing Multifactor Authentication

Data Breach Today

Threat Actors Using Social Engineering, Other Technical Techniques to Circumvent MFA Protections The FBI is warning banks, businesses and other organizations that cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections

FFIEC Final Authentication Guidance

Data Breach Today

The Final FFIEC Guidance has been issued and its main intent is to reinforce the 2005 Guidance's risk management framework and update the Agencies' expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online environment

Here's Why Account Authentication Shouldn't Use SMS

Data Breach Today

Database Blunder Left Two-Step Codes, Account Reset Links Exposed A database security blunder revealed on Friday serves as a reminder that the days of SMS-based authentication should be over.

Reddit Breach Highlights Limits of SMS-Based Authentication

Krebs on Security

What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security. APP-BASED AUTHENTICATION.

The Vision for Omnichannel Authentication

Data Breach Today

Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions

Strong Authentication vs. User Experience

Data Breach Today

Balancing Made Easier It is a simple fact that strong authentication will impact user experience and effectiveness

The Growth of Adaptive Authentication

Data Breach Today

OneSpan's Tim Bedard on Evolutionary Strategies and Controls The right authentication controls at the right time for the right transactions - the adaptive authentication message is taking off, says OneSpan's Tim Bedard. And here are some quick wins organizations might focus on when starting down the path

The Vision for Omnichannel Authentication

Data Breach Today

Enterprises today have many digital ways of interacting with their customers - and therefore just as many ways for authenticating those users and transactions. Sesh Venkataraman of CA Technologies explains the business value of omnichannel authentication solutions

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Krebs on Security

says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Office365 accounts to use multi-factor authentication. As it happened, the PCM employee was not using multi-factor authentication. In response, Microsoft said while its guidance has always been for partners to enable and require multi-factor authentication for all administrators or agent users in the partner tenants, it would soon be making it mandatory.

The Road to Adaptive Authentication

Data Breach Today

Tim Bedard of OneSpan answers this question in his analysis of ISMG's new State of Adaptive Authentication in Banking survey OneSpan's Tim Bedard Analyzes New Banking Security Survey How well can banking institutions apply the right amount of security to the right transactions at the right time?

NEW TECH: Silverfort helps companies carry out smarter human and machine authentications

The Last Watchdog

Doing authentication well is vital for any company in the throes of digital transformation. Related: Locking down ‘machine identities’ At the moment, companies are being confronted with a two-pronged friction challenge, when it comes to authentication.

PSD2 Authentication Requirements: The Implementation Hurdles

Data Breach Today

14 deadline for compliance with the new PSD2 "strong customer authentication" requirements for electronic payments, it may take a while for European consumers to notice authentication changes Banks, Merchants, Processors Struggling to Comply With Mandate Because banks, fintech firms, merchants and payments processors in the EU have struggled to meet the Sept.

How Multi-factor Authentication Can Benefit Your Industry

Rocket Software

For almost every industry, multi-factor authentication can be beneficial. What is Multi-factor Authentication? Multi-factor authentication (MFA) is any password that requires multiple steps or components to facilitate logging in.

Authenticating in the Age of IoT

Data Breach Today

Nok Nok Lab's Philip Dunkelberger on Why Traditional Authentication Won't Work With the advent of the internet of things, authentication needs to be far more scalable, says Phillip Dunkelberger, CEO of Nok Nok Labs

Reddit Says Attackers Bypassed SMS-Based Authentication

Data Breach Today

Yes, Reddit Was Breached; No, Don't Dump Multifactor Authentication Reddit suffered a data breach in June after attackers managed to bypass its SMS-based two-factor authentication system.

State of the Authentication Landscape

Data Breach Today

Shane Weeden, and authentication expert with IBM Security, discusses the future of authentication and why he's encouraged by the FIDO2 initiative As we approach 2019, is it realistic to think the end of our dependency on traditional user names and passwords is in sight?

Mastercard on the Evolution of Authentication

Data Breach Today

Fraud schemes have migrated in recent years, exposing inherent vulnerabilities in how most organizations authenticate users. Diego Szteinhendler of Mastercard outlines new strategies and tools for evolving authentication practices beyond solely payments security

PSD2 Authentication Deadline Extended: Here's What's Next

Data Breach Today

European Banking Authority Insists EU Nations Take a Consistent Approach to Migration Now that the deadline for all e-commerce card-based transactions in the EU to comply with the new PSD2 "strong customer authentication" requirement has officially been extended to Dec. 31, 2020, authorities are emphasizing the need to make a smooth, uniform migration to the new forms of authentication

Revamping Authentication With Automation and ML

Data Breach Today

Automation and machine learning can be leveraged to make identity-driven authentication a smoother process, says Saryu Nayyar, co-founder and CEO at Gurucul, a behavioral analytics company

The Future of Adaptive Authentication in Financial Services

Data Breach Today

Key findings from a recent study that surveyed the state of adaptive authentication in FIs. In this webinar, OneSpan and ISMG summarize key findings from a recent study that surveyed the state of adaptive authentication

Passwordless? Imagining the Future of Authentication

The Security Ledger

Gerald Beuchelt, the Chief Information Security Officer at LogMeIn talks about how changes in authentication may deliver a passwordless future. Imagining the Future of Authentication appeared first on The Security. The average employee in the workplace has 191 passwords.

Babel of IoT Authentication Poses Security Challenges

Dark Reading

With more than 80 different schemes for authenticating devices either proposed or implemented, best practices and reference architectures are sorely needed, experts say

Good Primer on Two-Factor Authentication Security

Schneier on Security

Stuart Schechter published a good primer on the security issues surrounding two-factor authentication. authentication twofactorauthentication usabilityWhile it's often an important security measure, it's not a panacea.

FBI Warns of Cyber Attacks on Multi-Factor Authentication

Adam Levin

The FBI is warning businesses about a new series of cyberattacks that can circumvent multi-factor authentication (MFA). In a Private Industry Notification (PIN), the FBI warned businesses that “cyber actors” had been observed, “circumventing multi-factor authentication through common social engineering and technical attacks.” The post FBI Warns of Cyber Attacks on Multi-Factor Authentication appeared first on Adam Levin.

Real-Time Attacks Against Two-Factor Authentication

Schneier on Security

Attackers are targeting two-factor authentication systems: Attackers working on behalf of the Iranian government collected detailed information on targets and used that knowledge to write spear-phishing emails that were tailored to the targets' level of operational security, researchers with security firm Certfa Lab said in a blog post. authentication email maninthemiddleattacks phishing twofactorauthentication

How Two-Factor Authentication Keeps Your Accounts Safe

WIRED Threat Level

Here are some of the best authenticator apps and options. It may take a moment to set up, but once you have 2FA enabled where it counts, you can rest easier. Security Security / Security Advice

Authentication in the Era of Trusted Identity

Data Breach Today

OneSpan's David Vergara on the Combined Power of Legacy and Emerging Technologies At the advent of real-time payments, it's more critical than ever for organizations to quickly authenticate users and transactions.

Pandemic Could Accelerate Passwordless Authentication

Dark Reading

As we celebrate another World Password Day, security pros are hopeful that when we move out of the stay-at-home period, companies will continue to focus on digital technologies - and ditching passwords

As 2-factor authentication falls short, ‘adaptive multi-factor authentication’ goes mainstream

The Last Watchdog

The use of an additional form of authentication to protect the accessing of a sensitive digital system has come a long way over the past decade and a half. An Israeli start-up, Silverfort , is seeking to make a great leap forward in the state-of-the-art of authentication systems. Silverfort has introduced new technology that is designed to help corporations address unprecedented authentication exposures spinning out of ‘digital transformation.’.

Explained: Two-Factor vs. Multi-Factor Authentication

The Security Ledger

It may seem like two-factor authentication and multi-factor authentication are the same. Companies LastPass multi-factor authentication Opinion Passwords Sponsors Technologies Top Stories two-factor authentication authentication cyber security passwordThey're not, explains Yaser Masoudnia, the Senior Director of Product Management at LastPass.*. Related Stories Episode 162: Have We missed Electric Grid Cyber Attacks for Years?

OpenBSD Hit with Authentication, LPE Bugs

Threatpost

The authentication bypass (CVE-2019-19521) is remotely exploitable. Bug Bounty Vulnerabilities authentication bypass Local Privilege Escalation LPE OpenBSD Patches Qualys Security Vulnerabilities

PSD2 Authentication Deadline Needs to Be Firmed Up - Now

Data Breach Today

European Banking Authority Should Act Quickly to Adopt Uniform Timeline for All EU Nations Delayed enforcement of the "strong customer authentication" requirements for online transactions under the European Union's PSD2 regulation is hampering efforts to enhance security.

Chinese Hackers Bypassing Two-Factor Authentication

Schneier on Security

Interesting story of how a Chinese state-sponsored hacking group is bypassing the RSA SecurID two-factor authentication system. How they did it remains unclear; although, the Fox-IT team has their theory.