A Review of the Best News of the Week on Identity Mgt & Web Fraud

Is Your Mobile Carrier Your Weakest Link? (Krebs on Security, Aug 27 2017)
More online services than ever now offer two-step authentication — requiring customers to complete a login using their phone or other mobile device after supplying a username and password. But with so many services relying on your mobile for that second factor, there has never been more riding on the security of your mobile account. Krebs provides some tips to ensure your mobile device (or, more specifically, your mobile carrier) isn’t the weakest link in your security chain…

Her invention is a nightmare for hackers, and could soon become the ‘gold standard’ for online identification (Business Insider Nordic, Aug 30 2017)
Swedish company Yubico is pioneering a digital security standard that uses an USB drive for online identification. With customers including Google, Facebook and Dropbox, and a $30 million capital injection secured, how ubiquitous will it become?

Credit card fraud: What you need to know now (CSO Online Cyber Crime, Aug 30 2017)
Maritza Dominguez has seen some impressive attempts at payment fraud in her 18 months as trust and security lead at Patreon, a site that allows online artists and web content creators to get paid by running membership businesses for their fans. The scheme she uncovered this summer proved to be one of the most impressive to date, not only for its innovation but for its sheer complexity…


Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report


How Identity Can Empower Healthcare (Auth0 Blog, Aug 25 2017)
Building a fully digital hospital means securely storing your patients’ data and accommodating new technologies like the AI-enhanced virtual medical assistants. It means letting patients access their own data when they need it, putting them more in control of their health…

Okta expands multi-factor authentication as it diversifies beyond single sign-on (VentureBeat, Aug 29 2017)
Okta customers who use the identity provider for single sign-on capabilities will get basic multi-factor authentication added to their service for free, as part of a suite of updates…

Now Available: Improvements to How You Sign In to Your AWS Account (AWS Security Blog, Aug 27 2017)
AWS made improvements to the way you sign in to your AWS account. Whether you sign in as your account’s root user or an AWS Identity and Access Management (IAM) user, you can now sign in from the AWS Management Console’s homepage. This means that if you sign in as an IAM user, you no longer have to use an account-specific URL…

Infographic – Hot Routes of Travel Fraud (Sift Science Blog, Aug 30 2017)
A sampling of travel data to discover more about how travel fraudsters work. Indonesia, Thailand, Brazil, Colombia, Morocco, and Mexico are among the preferred destinations for fraudsters. Cancun, Mexico comes in as the most fraudulent city when it comes to hotel reservations. Domestic flights between Jakarta, Indonesia and Bali, Indonesia are most likely to be fraudulent…

IAM Best Practices to Reduce Your Attack Surface (Centrify, Aug 30 2017)
After reviewing the 2017 Verizon data breach report…considering that 81% of breaches involve a weak or stolen password, wouldn’t it make sense spending your money where it has the most impact? Centrify lists some simple mistakes seen time and time again…

Cybercrime Report: Emerging Digital Business Models Becoming New Targets (ThreatMetrix, Aug 30 2017)
According to the Q2 report, 54 percent of all transactions in the financial services industry now originate on mobile devices. But it’s the dramatic surge in mobile account creations—up 141 percent year over year—that’s gaining widespread industry attention. Users are clearly embracing mobile as a full-service banking channel, rather than just a method for checking balances on the go…

Losing your identity: a real issue that goes beyond psychology (Gemalto, Aug 30 2017)
Identity fraud around the world is rising but biometric technology could give governments and companies a fighting chance. Opening a door (or a bank account) with your iris or finger print might not be as futuristic as we once thought it was…