A Review of the Best News of the Week on Identity Mgt & Web Fraud
Airport security to include face-scanning fish in virtual aquarium tunnel (CSO Online, Oct 17 2017)
Starting in 2018 at Dubai International Airport’s Terminal 3, passengers will no longer need to stop at a security clearance counter to show their passports. Instead, travelers will pass through a first-of-its-kind biometric tunnel equipped with 80 face- and iris-scanning cameras hidden behind an immersive aquarium video.
Want to see something crazy? Open this link on your phone with WiFi turned off. (Medium, Oct 16 2017)
In case you missed it earlier this week, this is another example of mobile carrier security issues. This time, it’s with the Mobile Identity API, where anyone could use your mobile phone’s IP address to look up your phone number, your billing information and possibly your phone’s current location as provided by cell phone towers.
Amazon patents a method for identity authentication that uses music as the key (GeekWire, Oct 17 2017)
Amazon’s inventors have come up with a computer-based system that makes use musical transformations to authenticate a whole group of users — and block access if anyone strikes a false note.
Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report
How To Fix the Broken Social Security Number Sytem (Wired, Oct 13 2017)
The Social Security number system is broken. And while fixing it will take a lot of work, there are ways to keep your identity more secure.
Replacing US Social Security Numbers With Estonia’s Cryptographic Model? (Forbes, Oct 16 2017)
As the US grapples with how to replace its obsolete obsession with the 80-year old Social Security Number, perhaps Estonia’s public key infrastructure and digital first government might serve as inspiration.
DHS will order agencies to adopt DMARC, https (SC Magazine, Oct 16 2017)
The Department of Homeland Security (DHS) will require federal agencies to use the Domain-based Message Authentication, Reporting & Conformance (DMARC) standard and implement https to bolster their security postures.
Is FaceID Really Secure? (Auth0 Blog, Oct 16 2017)
Learn about the technology and security implications regarding Apple’s FaceID.
API design: Choosing between names and identifiers in URLs (Google Cloud Platform Blog, Oct 17 2017)
If you’re involved in the design of web APIs, you know there’s disagreement over the style of URL to use in your APIs, and that the style you choose has profound implications for an API’s usability and longevity.
Brief: FIDO Alliance Announces New Round of FIDO Certified Products (Blog – FIDO Alliance, Oct 17 2017)
The FIDO Alliance is pleased to announce the latest round of companies to complete FIDO certification, bringing the total number of certified products to 383.
When big data gets personal…and cloudy (CSO Online, Oct 16 2017)
What are the considerations for security and scalability when choosing cloud storage for identity platforms that service multiple millions, even billions of users?
PSD2: Can it fight fraud and keep consumers happy at the same time? (Gemalto blog, Oct 18 2017)
PSD2, the European directive for banks, requires strong security measures. Can European banks still offer a convenient user experience?
5 keys to identity verification service deployment for Mobile Network Operators (Gemalto blog, Oct 17 2017)
ID fraud is a critical issue for MNOs; there are approximately 200 types of fraud, and 35% of all mobile fraud comes from subscriptions.
Moving Beyond Social Security Numbers Part 5: Decentralization, Privacy, and the Importance of Choice (ID.me Blog, Oct 12 2017)
To move past social security numbers and static identifiers to secure digital credentials, a robust ecosystem of decentralized, digital credential providers. Decentralization ensures there is no “one login to rule them all” that would centralize all of your data and see all of your transaction history. Like the remark Alfred made to Batman at the end of ‘The Dark Knight’ where they could listen to Gotham’s cell phone conversations: “no one should have that kind of power.”
Top 5 Trends for Customer Experience in 2018 (Janrain, Oct 17 2017)
Here are five customer experience trends to watch for in 2018: 1) Demand for personalization will increase, 2) Data will be as good as gold, 3) IoT will create new challenges, opportunities, 4) Seamless customer journey becomes the status quo, and 5) CIAM closes the gap between CX expectations and reality.
Stop remembering your family’s passwords – today (The LastPass Blog, Oct 17 2017)
LastPass rolls out a family option – With Families, you can create shared folders of what you want other family members to access. Perhaps a folder of streaming media sites for everyone, one for household bills with your significant other, and another for the kids’ school and healthcare logins. Everyone has access to what they need, and nothing they don’t.
Call Center Criminals Unmasked | Real-Life Fraudsters & Audio Recordings (Pindrop, Oct 18 2017)
Pindrop Labs analyzed 600 million calls in efforts to identify recurring techniques and call center criminals…Two iconic fraudsters utilizing these tactics include: The Racketeer and Mommy Dearest.
Introducing: Duo’s Remote Identity Proofing for Healthcare and EPCS (The Duo Blog, Oct 18 2017)
An interesting option for physicians to use electronic prescription signing…remotely fulfill the identity proofing requirements of EPCS and DEA, including two-factor authentication (2FA).