Video Screencast Help
Authentication (User) Blog
Showing posts tagged with Risk-based Authentication Services
Showing posts in English
vijai | 02 Apr 2008 | 0 comments

Posted by Vijai Shankar, Sr. Product Marketing Manager at VeriSign, Inc.

I posted earlier today about the difficulty in remembering passwords, security questions, our daily tasks etc. and mentioning consumers to ask organizations to introduce secure, yet painless authentication methods. Here's another incentive for organizations to make life easy yet secure for consumers at a lower cost. VeriSign is now offering up to 5,000 FREE CREDENTIALS to each organization joining the VeriSign Identity Protection Network by Sept 30, 2008. This is a great incentive for organizations looking to deploy strong or two-factor authentication and be a part of a Network enables consumers to use a single credential across multiple site. The timing is opportune. With quite a few...

vijai | 02 Apr 2008 | 1 comment

Posted by Vijai Shankar, Sr. Product Marketing Manager at VeriSign, Inc.

We are seeing more and more articles about the difficulty remembering username and passwords. To add to the list along with our other stuff to remember i.e. household chores, birthdays etc., we now have to remember the new trend of security questions along with username and passwords. I was having a problem logging into one of my student loan accounts, which not only had a username and password but a set of security questions in a PARTICULAR order. Phew, needless to say I was locked out and had to call in, listen to some crazy call center music and after 15 minutes of waiting, spoke to an agent to unlock my account.

I saw this article in The Wall Street Journal about the daunting task of managing passwords, a complicated system she came up with, aggravated by the added task to manage...

vipmobile | 01 Apr 2008 | 0 comments

Posted by Kerry Loftus

I drove my 13-year-old and his friends to one of their activities recently (yes, I have a minivan) and their conversation was really interesting and eye opening. I quickly called my gal pals in Erie, PA to find out if they were hearing the same and got the affirmative so this is not just a 'valley' phenomena. All of our kids are online and many are using various email, IM and social networking applications. Did you know that they all know each other's usernames and passwords? If they don't know the password part, they can very quickly guess (I chimed in at one point and asked them if they knew anything about 'strong passwords'-- most of them replied that they just use 'password'!). They didn't really think protecting the information was important.

It's probably harmless to sign in as your friend on IM and send one of the girls in your class a provocative message, but couldn't that be the tip of the iceberg? What about online...

Tim Callan | 31 Mar 2008 | 0 comments

Posted by Jen Gilburg

Last week a news headline from across the pond proclaimed:

"Abbey wary of two-factor authentication. Bank decides against password verification devices because customers consider them a hassle."

Turns out Abbey, a major retail bank in the UK, did a survey on strong authentication. Turns out that two-thirds of those surveyed did not want the "hassle" of two-factor authentication. Turns out those surveyed even poo-pooed challenge questions.

So Abbey decided to act on the survey results. They decided to do nothing. And they decided to shout it out for all (including the fraudsters) to hear!

I question which business schools their marketing folks graduated from.

I wonder too what context the survey questions were raised (perhaps a brief explanation of how two-factor authentication protects against...

Vicente | 21 Mar 2008 | 0 comments

Posted by Vicente Silveira, Sr. Product Manager for VIP Fraud Detection Service

The never ending parade of consumer data leakage and the inevitable fraud that follows added another participant this week with the Hannaford incident. This time, the damage amounts to 4.2 million credit and debit cards being compromised. It is early to tell all the ramifications of this incident, but the unraveling already started with the first salvo of class-action lawsuits against Hannaford.

When I see something like this happen, I'm always left to wonder: what is the true cost of a fraud incident ?

Looking back to some of the high-water mark incidents of the past we can have some hints of what the direct cost involved may look like. Take...

Vicente | 12 Mar 2008 | 0 comments

Posted by Vicente Silveira, Sr. Product Manager for VIP Fraud Detection Service

If you live in the UK, the answer would be a little over twenty thousand dollars (at current exchange rates) for the average adult internet user, a nice bounty for phishers, bot herders, malware coders and other cyber-criminals to go after.

This is based on highlights of a recent YouGov survey that estimates European Internet users are risking up to 1.6 trillion dollars by sharing personal and financial data with sites that are not adequately protected, with UK Internet users responding for a 731 billion chunk of the total amount.

What the research also suggests is that the ubiquity of social networking and other data sharing sites has increased dramatically the quantity and sensitivity of the information available on the web, with users volunteering more and more details in order to...

Tim Callan | 10 Mar 2008 | 0 comments

Posted by Jen Gilburg, Director of Business Development for Identity and Authentication Solutions

I have a confession to make. I was almost a victim of fraud.

It involved Craig's List, the selling of a refrigerator, a random check for $3000 over the amount being sent for payment, the panic of the buyer for overpaying and them begging me to 'Western Union' them the erroneous overpayment once I cashed the check. I was even 'offered' $200 of the overpayment for my troubles.

I am embarrassed to admit- I got all the way to the bank. I actually deposited the check- then in a last minute of "this doesn't seem right" had them run the check and low and behold...

Truth is I was taken off guard, in the middle of a move, not really paying attention-- just happy to have the refrigerator out of my garage.

What is mortifying is that I have been working in security sector of high tech for the last 20 years. The fact I didn't immediately rip up the...

Vicente | 06 Mar 2008 | 0 comments

Hi there! My name is Vicente Silveira and I'm responsible for the VIP Fraud Detection Service , or as we call it, VIP FDS, product at VeriSign.

Our team develops products that help businesses and individuals transact securely on the internet. Needless to say we have a lot of work to do.

I just spent some time in Europe talking to financial institutions and comparing notes on fraud trends here and there. One of the quick conclusions is that online criminals are sharing tools and methods on a global basis and on a scale that we haven't seen before.

One example is a modern variation of an old stock touting technique known as "Pump and Dump" , where fraudsters use e-mail spam to falsely promote a thinly traded instrument (such as a...

vipmobile | 28 Feb 2008 | 0 comments

Posted by Kerry Loftus, Vice President of Consumer Authentication

I am constantly evaluating our offerings and other technology solutions, asking: will this really play in my hometown of Erie, PA? The challenge for security vendors has always been there but have we delivered solutions that provide a broad spectrum of security for our customers depending on their needs, risks and users? Two years ago, when the FFIEC guidance around multifactor authentication came out, our customers told us we hadn't. Companies like VeriSign quickly innovated to find that right balance between security, usability, and convenience. Device IDs, images, networked authentication and a whole host of convenient 2-factor credentials emerged and the race is on to find that next game- changing security solution.

We at VeriSign believe there are two critical pieces to this moving forward:

1. Open standards. In other words: two-factor authentication solutions from...

Tim Callan | 26 Feb 2008 | 0 comments

My name is Jen Gilburg and I am the Director of Business Development for the Identity and Authentication Solutions team here at VeriSign.

Google's announcement of the launch of a new program that allows users to post their medical records online caught my attention. While there are obvious benefits to having a centralized store of historical health information, medications, test results, etc., my first inclination was to be concerned about the security of such personal information.

Naturally I am inclined to believe that everything should have strong authentication. However, not wanting to be overly paranoid, I thought I would investigate just what the exposure is should one gain access to my medical records. I mean -- just how much damage could be done should someone discover that I have hay fever and a rather bizarre allergic reaction to arugula? Is...