Deciphering Multi-Layered Identity Proofing Strategies

Fraudsters are a smart group. With each fraud prevention method that’s introduced, they figure out ways to work around it. Organizations must be careful when using technologies that fraudsters may have compromised, but that doesn’t mean throwing everything out and starting from scratch. Equifax fraud expert, Gasan Awad, recently blogged about this for the RSA [Read More…]

Cybersecurity National Action Plan

On February 9, 2016, the President implemented the Cybersecurity National Action Plan (CNAP) designed “to enhance cybersecurity awareness and protections, protect privacy, maintain public safety as well as economic and national security, and empower Americans to take better control of their digital security.” Threats against business and the government are continuing with a record number of [Read More…]

Allaying concerns about fraud from third-party vendors

Companies have spent a great deal of time and money protecting their core systems and infrastructure from cyber attacks — hardening their perimeters and moving to risk-based authentication for moderate to high risk resources. The collaborative environment of modern companies also means that there are quite a few “extranets”, which allow for information sharing with partners, third-party vendors, and [Read More…]

Hackers Leave Customers Everywhere At Risk

Before most systems are hacked, a personal or corporate identity is compromised – online or offline. An initial compromise may be a very sophisticated, software-driven breach of a website’s infrastructure; such as the recent data breach reported last month at JP Morgan, where it’s reported that Russian-based hackers took advantage of a technical flaw in [Read More…]

Combating Transaction Fraud

We have all heard the news that data breaches and the subsequent identity theft of all types is the fastest growing crime in the US today. More people and businesses are being impacted for larger dollar amounts − witness the impact of the Target and Home Depot breaches. Unfortunately, there is no such thing as [Read More…]

Combating Identity Misuse and Fraud in a Global, Social Economy

Illicit use of identities has been occurring for many years; however, due to the faceless nature of e-commerce and now consumer banking, the impacts are being felt in a painful way across all industries. It is not uncommon for fraud losses to be measured in the tens of millions of dollars, and these losses have [Read More…]

Assessing Risk for the Best Fraud Prevention

Leading analysts have called for a layered security model to protect against online fraud, account take-over, and financial loss.  Trends are also showing that businesses need to improve the interactive end user experience by minimizing intrusive authentication methods while still maintaining security for online transactions and reducing the opportunities for fraud. There is a way [Read More…]

Protecting Against Willful Compromise

A lock is easily opened when the owner gives the key to somebody else. This is true for gaining access to online accounts with passwords as well as second factor authentication tokens and smart cards. A person can willfully share their credentials for a number of reasons. A husband may share password and token with [Read More…]

Authentication and Encryption Working Together

As online traffic increases, organizations are making decisions about appropriate levels of authentication for their consumer-facing portals. These organizations are determining how authentication “speed bumps” in front of consumers affect adoption and use because they want to make it easy for a consumer to get to his data. The problem, of course, is that making it easy [Read More…]

Authentication and “Defense-in-Depth”

In all successful data security systems, the goal of the organization should be to combine multiple authentication strategies with the right combination of enterprise security solutions to better assure the organization that the user on the opposite end of the online transaction is the person the company expects to be executing that specific transaction. Authentication [Read More…]