PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

The Rapidly Changing Authentication Infrastructure

Tim Sloane by Tim Sloane
November 28, 2017
in Analysts Coverage
0
Biometrics Eye Scan

Biometrics Eye Scan

2
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

Mercator predicted mobile devices would require a rapid shift in authentication methods here and here. This article in CSO Online introduces the apt term of “Goldilocks zone” to describe when individuals should be challenged with a multi-factor authentication:

“I recently read a story in CSO that explained how hackers can crack just about any password. The story didn’t surprise me. Security experts have known this for a while. Yet, passwords continue to serve as the go-to method for accessing just about everything online.

Most experts recommend adding multi-factor authentication, but with the wide range of cloud services available and the mobility of our workforce, how much is too much?  How little is too little to be effective?

Companies need to strike a balance between users reaffirming who they are without inhibiting their work. The best-case scenario entails an employee, who’s doing what she normally does, is left alone. If she suddenly does something out of the ordinary, she would need to verify it’s really her. Verify users are who they say they are when they are already inside doing something unusual, not only when they are at the door.

Credit card companies have become very good at this process. They understand cardholders’ regular purchases, and thus don’t bother them every time they use their card. However, if a purchase seems unusual, the card company will send a text asking the card holder to verify it’s her. If she cannot verify the purchase, they freeze her account. Sounds simple, right?

We need this kind of simplicity in cyber security. Companies cannot apply multi-factor authentication to everything a user does. It’s too much. There’s a Goldilocks zone for multi-factor. It can’t be too hot. It can’t be too cold. It must be just right. And companies can pull off just right by using behavior analytics.”

The two publications also identified behavioral biometrics as a key component of the overall authentication solution but also suggested that it be implemented right away to detect robots and account takeovers and then expanded into the general authentication solution set as the organization develops risk profiles for all of its consumer and business interactions as also identified in this article:

“Behavior analytics working in tandem with multi-factor authentication would enable companies to verify users are who they say they are when they are detected doing something unusual. For example, we often see a use case that we call “The Prospector.” Like a gold miner digging for gold, insiders will mine for valuable data assets, accessing applications and systems, looking for the crowned jewels. Behavior analytics would detect an employee digging around, accessing a system that he typically doesn’t access and/or isn’t authorized to access. Multi-factor authentication would then come into play asking the employee to verify it’s really him. If he does not verify within a certain timeframe, then his account is shut down before he accesses the jewels. On the flip side, if that employee is accessing a system that he typically accesses to do his job, he wouldn’t be bothered at all.

Call it “Smart Multi Factor Authentication.” A bad actor would fail the second layer of authentication while the trusted employee can do his job uninterrupted. Malicious insiders would also be hindered because they know they are being watched.”

 

Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group

Read the full story here

Tags: Authentication
2
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Mercator Advisory Group analysts and industry professionals.

    Must Reads

    eCommerce On Social Media, social commerce

    The Rise of Social Commerce and Social Payments

    February 3, 2023
    Electroneum AnyTask; ETN Crypto, sales enablement

    Ethical Financial Selling: The Role of Compliance Technology and Sales Enablement

    February 2, 2023
    direct deposit

    Nacha Launches Campaign to Reach Millennials on the Benefits of Direct Deposit

    February 1, 2023
    Equinix Helps UK-Based Payments Provider Enable Faster, More Reliable Payments Processing

    Equinix Helps UK-Based Payments Provider Enable Faster, More Reliable Payments Processing

    January 31, 2023
    credit card tumbling

    How to Detect, and Prevent, Credit Card Tumbling

    January 30, 2023
    Why Businesses Need to Adopt Real-Time Payments as a Competitive Differentiator

    Why Businesses Need to Adopt Real-Time Payments as a Competitive Differentiator

    January 27, 2023
    faster payments

    Faster Payments Are Set to Revolutionize Modern Digital Payments

    January 26, 2023
    How AI can Help Manage Payments Risk in 2023

    How AI can Help Manage Payments Risk in 2023

    January 25, 2023

    • Advertise With Us
    • About Us
    • Terms of Use
    • Privacy Policy
    • Subscribe
    ADVERTISEMENT
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • News
    • Resources

    © 2022 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result

      Register to download the Equinix report - Dojo Delivers Fast, Reliable and Secure Card Payments to Businesses on Platform Equinix