Apple will introduce a feature in its new iOS 13 operating system later this year that allows the use of Apple credentials to log into other services. The feature is designed to reduce the amount of personal information that app developers obtain, a clear shot across the bow of Facebook and Google.
The right authentication controls at the right time for the right transactions - the adaptive authentication message is taking off, says OneSpan's Tim Bedard. And here are some quick wins organizations might focus on when starting down the path.
For attackers, "credential stuffing" - using stolen usernames and passwords to log into any site for which a user reused their credentials - is the gift that keeps on giving, says security researcher Troy Hunt. Here's how organizations can mitigate the threat.
In today's digital environment, protecting sensitive information and sales transaction data is of critical importance. Technology and advanced loyalty programs are driving the collection of additional data, causing consumers to pay more attention to the types of data they are willing to share with merchants.
In...
Fifty-four percent of survey respondents say their institutions' digital authentication measures are average or below when compared to their peers. And 55 percent rate themselves at average or below when it comes to their institution's current ability to apply the right amount of security to the right transactions at...
The indictment of two Chinese men for a 2014 cyberattack on health insurer Anthem that compromised information on nearly 80 million individuals contains extensive details about the incident that security professionals can use to help with their breach prevention strategies.
The bad guys are getting very creative, impersonating an executive in your organization and asking for financial reports or they ask employees in payroll to make changes to bank accounts. According to the FBI, their efforts have earned them an estimated $12 billion through Business Email Compromise also know as CEO...
Every day needs to be password security day - attackers certainly aren't dormant the other 364 days of the year. But as World Password Day rolls around again, there's cause for celebration as Microsoft finally stops recommending periodic password changes.
Citrix says the data breach it first disclosed in early March appears to have persisted for six months before it was discovered and the hackers were ejected. In an ironic twist, the company sells the very products that might have blocked recent credential stuffing and password spraying attacks against it.
Access risk: Security leaders understand their governance and technology challenges. But addressing them with new automated tools - and selling these new processes within their organizations? Those are the problems attendees attempted to solve at a recent dinner in Philadelphia.
Biometric technology has been gathering traction and is becoming almost ubiquitous across a range of industries and applications. But how does it work, what are the benefits, and what do businesses need to look at when implementing the technology?
Watch this Q&A with Onfido's biometrics expert, Susana Lopes, to...
Google's latest security feature enables the use of Android phones as a security key, eliminating the need for a separate token or hardware device. The free feature is potentially more appealing that Google's Titan security keys, which cost $50.
We've all seen what's possible with the Dark Web thanks to Silk Road. If you're interested in buying or selling someone's private data like social security numbers or credit card information, it's disturbingly easy to do. All you need is a computer, a Tor Browser and Cryptocurrency, and it's all completely...
How well can banking institutions apply the right amount of security to the right transactions at the right time? Tim Bedard of OneSpan answers this question in his analysis of ISMG's new State of Adaptive Authentication in Banking survey.
Passwords are still a persistent security threat, given their ubiquity as a form of authentication and the inability of users to create strong, unique passwords. John Bennet of LogMeIn discusses the issue and solutions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.
