Until we get to a stage where we can guarantee the confidentiality of static identity reference data, such as names, addresses, emails and favorite cat colors, we must move away from relying on knowledge-based authentication.
Truly massive amounts of this information are stolen on a regular basis, proving we are...
Fraudsters are a smart group. With each identity proofing or fraud prevention method that's introduced, they figure out ways to work around it. Organizations must be careful when using techniques that fraudsters may have compromised, but that doesn't mean throwing everything out and starting from scratch. With...
While the Social Security Administration's 2011 decision to randomize Social Security Number (SSN) issuance made the identifier less susceptible to fraudsters, it also caused a series of unintended consequences for organizations that rely on the number's sequencing as a key part of identity-verification and fraud...
The 30-day Cybersecurity Sprint overseen by Federal CIO Tony Scott has crossed the finish line, but in reality, it looks more like a starting gate to a marathon to get the federal government to secure its battered IT.
Millions of user credentials are breached regularly - whether we hear of the incidents or not. So, why do we continue to rely on passwords? Derek Manky of Fortinet discusses authentication and data retention.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
Using big data to fight fraud is a challenge for most organizations. Andreas Baumhof of ThreatMetrix explains how context-based authentication combines fraud and security to leverage the use of big data.
Individuals resort to lying about themselves to protect their identities when accessing systems in today's imperfect cyber world, says Peter Tapling, president of Authentify, an out-of-band authentication service.
One key factor in efforts to reduce reliance on passwords for authentication will be international acceptance of the FIDO Alliance's soon-to-be released protocol for advanced authentication, says Michael Barrett, the alliance's president.