Why Traditional Identity Verification Methods Are On Their Way Out

1

When was the last time you provided your mother’s maiden name, or perhaps the name of your first pet, to prove your identity to access an online account? Probably not that long ago. This type of online identity verification, known as knowledge-based authentication, is little more than a speed bump to the modern fraudster. More modern methods, such as SMS-based two-factor authentication, also have their own set of vulnerabilities that today’s cybercriminals can exploit.

Simple social media searches can reveal the answers to supposed secret questions used by KBA solutions and the 4- and 6-digit codes from SMS-based 2FA can be intercepted. Because cybercrime and the dark web have evolved and become far more sophisticated, traditional forms of authentication that were once effective can no longer reliably ensure that the person logging into their online account is the actual account owner.

Hitting the headlines

In many cases fraudsters don’t even need to comb your Facebook account or intercept your text verification code for your personal information — they often already have it. This is because of massive data breaches that have sent millions of sets of personal data spilling into the ether. Names, usernames, passwords, telephone numbers, dates of birth and security answers — cyberspace is awash with it.

Data breaches happen on a near-daily basis and include global names like Yahoo!, Facebook, Quora, and Marriott/Starwood. One recent example is a December 2019 Microsoft data breach that exposed 250 million customer records — that’s a quarter of a billion people impacted by just one data breach alone.

Even in the GDPR era, these breaches are coming at a rapid-fire pace, and it’s therefore vital that we move away from traditional identity verification methods. This is where facial biometrics need to be considered as a safe and secure alternative for accessing accounts and verifying certain transactions or activities online.

Out with the old

None of the traditional methods of identity verification come without weakness and the risks are far more widespread than you think — including methods you might have considered sophisticated not so long ago. This is indicative of the speed of tech innovation and the evolving nature of online fraud, which underlines the current lack of innovative security methods.

Password-based logins are problematic because passwords are easily forgotten and inherently insecure. Out-of-Band or SMS-based 2FA also continues to be a common form of authentication, but hackers are able to easily intercept the 4- and 6-digit SMS codes via the SS7 telecommunication protocol network, or through phishing attacks.

Token-based authentication is also failing to meet the mark as a modern form of verification. An obvious drawback is that tokens must be carried at all times and are non-transferable — a characteristic that’s outdated in today’s user experience-focused world. There is also the simple weak point that tokens or fobs can be lost or stolen, presenting a further argument for more secure methods, such as biometric authentication.

Despite this, biometrics are not necessarily a silver bullet solution. Innovative fraudsters are now capable of deploying spoofing techniques, sophisticated enough to beat many kinds of biometric security once deemed robust. However, liveness detection in tandem with facial biometrics is presenting a very real solution to the problem, and with the help of Apple’s Face ID, millions of people are more familiar and comfortable with the process of using your face as a security measure.

The new dawn

The sun may be setting on the wide range of traditional verification methods that no longer cut it, but this doesn’t leave us alone in the dark. Providers of innovative identity proofing and authentication are bringing about a step change for businesses across the industrial spectrum. Using cutting-edge AI and video selfie technology, the identity of the user accessing the associated account can be linked — this is a glimpse into the future of online identity verification.

This powerful technology is available today, and it’s reliable and fast enough to eliminate variables that would once have skewed results and enabled hackers to gain access. For example, weight loss and weight gain, wearing glasses or the loss or growth of facial hair have previously been changing factors that have disrupted less sophisticated tools.

The technology’s power to restore confidence, safety and successfully analyse variables are not the only trailblazing characteristics. It will also clear a path for innovation across a range of industries. To bring this to life, it could allow you to confirm your identity in a range of situations where necessary, from checking into a hotel room you’d booked, or unlocking the keys to a car you had rented using just your selfie. It even unlocks the possibility of doing away with passwords all together. In terms of evolution, the process will take a few mere seconds to complete and will require nothing more than a smartphone, relegating the need to remember tens or hundreds of passwords to a thing of the past.

The vital need for this security enhancement is being realised by leading companies, from industries like financial services, healthcare, travel, entertainment and gaming. Modern businesses are understanding that in light of cybercrime, the dark web and the global nature of online fraud, they need to dispense with traditional, insecure and unreliable methods of authentication, and adopt modern biometric-based methods.

Philipp facilitates Jumio’s product strategy and, with his team, turns visions into products. Prior to Jumio, Philipp was responsible for paysafecard, Europe’s most popular prepaid solution for online purchases.

Source: https://forbes.com

728x90-1-1-1-1

Haven’t Tried a Password Manager? You Won’t Regret It. – Dashlane Blog

You’ve heard it before—you should use a password manager. A password manager helps you create strong, complex passwords, which are much safer than reusing the same weak passwords across all websites. But did you know that a password manager makes using the internet easier in a lot of other ways, too?…….

Source: Haven’t Tried a Password Manager? You Won’t Regret It. – Dashlane Blog

Alabama’s Regulators Use Cryptographic Hashes to Preserve Evidence Regarding Crypto-Related Scams – Omar Faridi

1.jpg

Greg Bordenkircher, the first assistant at the United States Attorney’s office, has revealed that the US state of Alabama “issued nine orders shutting down businesses that [were] advertising” potentially fraudulent investment schemes, services, and products. Bordenkircher added that Alabama has so far “got about 20 percent of all the active cease-and-desists” out of all 50 US states. Moreover, there are “another 20, 22” potential crypto-related scams that Alabama’s regulators are currently investigating, Bordenkircher told Coindesk……..

Read more: https://www.cryptoglobe.com/latest/2018/11/alabama-s-regulators-use-cryptographic-hashes-to-preserve-evidence-regarding-crypto-related-scams/

 

 

 

Your kindly Donations would be so effective in order to fulfill our future research and endeavors – Thank you

How An Amateur Rap Crew Stole Surveillance Tech That Tracks Almost Every American – Thomas Brewster

1.jpg

On a June day last year, a skinny, dreadlocked 29-year-old rapper known as Tony Da Boss lay in bed in a redbrick apartment on a tree-lined street in Charlotte, North Carolina. It was not the kind of place you’d associate with a million-dollar criminal conspiracy. But Da Boss (real name Damonte Withers) was a leader of the FreeBandz Gang, an amateur hip-hop crew of twentysomethings who were into much more nefarious activities than laying down tracks. There were warning signs that things were going to get real…..

Read more: https://www.forbes.com/sites/thomasbrewster/2018/10/12/how-an-amateur-rap-crew-stole-surveillance-tech-that-tracks-almost-every-american/

 

 

Your kindly Donations would be so effective in order to fulfill our future research and endeavors – Thank you

3 Ways for Students to Steal Your Password – Erin Werra

1.jpg

When you’re locking down your data, how secure is the password you chose? If it’s anything like the magic words above, have we got news for you. Your password tricks are not working. Worse, you might be letting security slip and opening yourself up for a student to sneak information to unlock valuable, FERPA-protected data. Are your passwords secure? Learn three ways students may be able to gain access to your passwords…….

Read more: https://www.emergingedtech.com/2018/09/3-ways-for-students-to-steal-your-password/

 

 

Your kindly Donations would be so effective in order to fulfill our future research and endeavors – Thank you

WP Site Guardian – How To Instantly Speed Up Your WordPress Sites In 1 Click By Fixing Hidden Errors

WP Site Guardian is a full featured WAF (Web Application Firewall) which protects your site against the most common types of hacking attacks – exploits. Exploits are bugs or weaknesses in programming that exists across 10,000+ plugins and themes and new ones are discovered and published daily. They make up 92% of all attacks on WordPress sites so should be the #1 priority for any security solution. A hacker can compromise a site in using an exploit in seconds no matter what security product you are running – yes you can get hacked even behind Cloudflare, the best host and the best security services/plugins no matter how much money you pay…….

Read more: https://wpsiteguardian.com/wpsiteguardianprofessional/?aid=1

 

%d bloggers like this: