A Review of the Best News of the Week on Identity Management & Web Fraud

Which biometrics are consumers most comfortable with? (Help Net Security, May 04 2018)
Consumers feel more comfortable with fingerprint scanning than with other types of biometric technology, including face, eye, voice and other biometric measurements, according to a survey from the Center for Identity at The University of Texas at Austin.

GDPR Questions Answered: Do We Need Consent to Hold Information in a Database? (Infosecurity Magazine, May 09 2018)
Does a database of available information comply with GDPR? Jon Baines from NADPO answers your questions.

Think You’ve Got Your Credit Freezes Covered? Think Again. (Krebs on Security, May 09 2018)
“…identity thieves increasingly are finding ways to open new mobile phone accounts in the names of people who have already frozen their credit files with the big-three credit bureaus. Here’s a look at what may be going on, and how you can protect yourself.”

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

Hackers Leverage GDPR to Target Airbnb Customers (Dark Reading, May 03 2018)
Fraudsters are taking advantage of new EU privacy laws to demand personal information from Airbnb users.

Nigerian Email Scammers Are More Effective Than Ever (Wired, May 03 2018)
By fine-tuning social engineering techniques and targeting small businesses, Nigerian scammers have kept well ahead of defenses.

Could this be the end of password re-use? (Naked Security – Sophos, May 09 2018)
It’s password security’s Achilles heel: too many people make life easy for cybercriminals by re-using the same ones over and over. But what if there were a way for websites to compare notes on whether a password (or similar password) has been set by a user elsewhere?

NIST adds privacy recommendations to its Risk Management Framework (SC Magazine, May 09 2018)
The National Institute of Standards and Technology has updated its Risk Management Framework (RMF) to cover privacy issues with a focus on helping organizations better understand and protect their member’s personally identifiable information (PII).

Ticketmaster Wants to Replace Tickets With Faces (PCMag, May 07 2018)
Gaining entry to a live event could soon require face recognition.

The Impending Facial Recognition Singularity (SecurityWeek, May 07 2018)
The radical changes taking place in privacy and security, both for better and for worse, are driven by the rapid adoption of facial recognition technologies and the exploding use of social media to share personal photos.

Face recognition technology that works in the dark (ScienceDaily, May 08 2018)
Researchers have developed an artificial intelligence and machine learning technique that produces a visible face image from a thermal image of a person’s face captured in low-light or nighttime conditions. This development could lead to enhanced real-time biometrics and post-mission forensic analysis for covert nighttime operations.

Facial Recognition Tech Is Creepy When It Works—And Creepier When It Doesn’t (Wired, May 09 2018)
It’s a powerful tool, but recent incidents have shown that there’s no winning with facial recognition.

The Man on the Train: Caught with his phishing loot (Naked Security – Sophos, May 08 2018)
How does it end for phishing attackers who get caught? In a case that’s been working its way through the British courts since last September, the unusual answer is in the first-class carriage of a train travelling between Wales and London.

Phishers Use New Method to Bypass Office 365 Safe Links (SecurityWeek, May 08 2018)
Cybercriminals have been using a new method to ensure that the URLs included in their phishing emails bypass the Safe Links security feature in Office 365

FBI: Reported Internet Crimes Topped $1.4 Billion Last Year (Dark Reading, May 09 2018)
Business email compromise (BEC) campaigns outnumbered ransomware cases.

Building a Framework for the Safe Management of Digital Identities and Data (WSJ, May 10 2018)
In a world that’s increasingly governed by digital transactions and data, our existing methods for managing security and privacy are proving inadequate. What’s needed is the ability to share information in a privacy-preserving manner, says CIO Journal Columnist Irving Wladawsky-Berger.

Digital identity debate resurfaces following Windrush scandal (Information Age, May 10 2018)
The government should introduce digital ID cards for all citizens to avoid another scandal like Windrush

Latest Account Takeover Scheme Targets Cardless ATM Withdrawals (ThreatMetrix, May 09 2018)
When banks started rolling out cardless ATM withdrawals, the idea was to bring a whole new level of convenience and security to increasingly mobile consumers. But according to a recent industry report, ATM debit card fraud has jumped 10 percent during the past year, thanks in part to a mobile twist on account takeover (ATO) schemes.

First biometric authentication solution for consumer augmented reality headsets (Help Net Security, May 09 2018)
Redrock Biometrics and Epson have partnered to bring PalmID to the MOVERIO Smart Glasses Platform as the first biometric authentication solution for a consumer AR headset.

Google cracks down on election meddling advertisers (Naked Security – Sophos, May 09 2018)
Google will now require people or groups purchasing federal election ads to show that they’re US citizens or lawful residents.

Trusted Key Solutions raises $3 million for blockchain digital identity (VentureBeat, May 10 2018)
Trusted Key Solutions has raised $3 million to advance its blockchain technology to create secure digital identities for enterprise customers.