Financial sector granted life-line extension to PSD2’s Strong Customer Authentication

By James Stickland | November 5, 2019
Regulators put little trust in the strength of the current payment authentication system and rightly so, as fraud levels have hit an all-time high. In the last year, over 2.6 million UK accounts have been defrauded and of those fraud cases 76 per cent were remote purchases. It is estimated that overall, Europe suffers from a […]
Read More

Align Interview: Former Met Police CIO Richard Thwaite on why digital transformation starts with people

By Fred O'Connor | October 30, 2019
The Align interviews offer the perspectives of CIOs and CISOs on technology, leadership, security and digital transformation.  For any digital transformation project to succeed CIOs need to keep in mind the people who will be impacted. That’s the advice from Richard Thwaite, who’s served as CIO of the Metropolitan Police Service, UBS Global Asset Management […]
Read More

Biometrics and behavioral data for authentication? The BBC looks at what may replace passwords

By Fred O'Connor | October 29, 2019
Protecting data will eventually not involve using passwords, judging by a BBC article on why passwords don’t work and what will take their place. Lately, passwords “have been in the news lately for all the wrong reasons,” said the article, citing the Quora website hack that exposed the passwords of 100 million users and the […]
Read More

The top six reasons to use passwordless authentication

By Fred O'Connor | October 24, 2019
Everyone seems to want to stop using passwords. Security and IT professionals loathe them because they’re frequently used by attackers to infiltrate organizations. Anyone who handles user experience dislikes passwords because they’re not very user friendly. Despite this grumbling, passwords have been the main way we authenticate since the 1960s, chiefly because no one has […]
Read More

Why the FBI called for using biometrics in MFA

By Fred O'Connor | October 21, 2019
One-time passwords may no longer be effective in multi-factor authentication. That’s according to the FBI, which recently warned companies that threat actors are obtaining OTPs and circumventing MFA techniques. While OTP theft is still rare, these incidents are becoming more common. This doesn’t mean organizations should stop using MFA, which Google and Microsoft have found […]
Read More

Going passwordless? Start by looking for products with these three features

By Fred O'Connor | October 15, 2019
Organizations that are eliminating passwords are in good company. Microsoft is phasing out password authentication for its employees (and expects other businesses to do the same) and Gartner has noted that more enterprises are interested in going passwordless. But the identity and access management market is crowded with vendors offering some type of passwordless technology. […]
Read More

To succeed in security, think about the business

By Fred O'Connor | October 8, 2019
Deep security knowledge isn’t the only skill CISOs need. To succeed as a security leader, knowing how security can enable the business, especially around providing a better user experience, is also essential, judging by a panel discussion at the Financial Services CyberTech Forum, which was recently held in London. Security is a part of the […]
Read More

Cutting through the hype on true passwordless authentication

By Fred O'Connor | October 3, 2019
There’s a lot of vendor hype around authenticating without passwords. But many aren’t offering true passwordless authentication. Instead, they’re selling what can be called passwordfree authentication. What’s the difference? One emphasizes user convenience over security and the other truly eliminates passwords from authentication. Here’s a technical perspective from Veridium Chief Product Officer John Spencer. Passwordfree […]
Read More

Ecuador Data Breach: An Entire Nation’s Data Exposed

By James Stickland | October 2, 2019
Over 20 million Ecuadorians have had their personal data exposed online in a massive and unprecedented national data breach owing to an unsecured server. The Ecuadorian government confirmed that the details of 16.5 million living citizens, of whom 7 million are minors, as well as several million deceased individuals were exposed. The breach disclosed a […]
Read More