Financial institutions and businesses in other sectors must continually collect information about their online customers to ensure stronger authentication, says Avivah Litan, a fraud expert and analyst for the consultancy Gartner.
The breach of a card loyalty marketing company has reignited discussions about the roles banking institutions, regulators and others play when it comes to mitigating third-party risks. Where should the buck stop?
Knowledge-based authentication is no longer reliable, says fraud expert Avivah Litan, an analyst at Gartner. She explains why so-called behavioral authentication is the only reliable way to verify users.
Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
Two states are testing new technologies that, if successful, should make it easier for citizens to securely access government services online with the side benefit of mitigating fraud and identity theft.
Hackers allegedly trafficking in personally identifiable data have reportedly breached the computers of three major data aggregators, raising doubts about knowledge-based authentication as a tool to verify identity.
NIST awards a total of $7 million in grants to five organizations to develop and pilot reliable and easy-to-use identity credentials that could help build trust in online commerce and boost the economy.
Citi's settlement with two states over a breach that exposed 360,000 cards will likely set an example for other states. One expert says banking institutions will likely pay more damages when accounts are compromised.
A new cross-device malware strain that has been linked to last year's High Roller attacks is defeating dual-factor authentication. Experts explain why banking institutions worldwide should be on alert.
Account takeover techniques are getting more sophisticated; new "account checkers" are helping hackers automate their processes. The trend is just one more reason why we need advanced forms of authentication.