Pondering.... Authentication: Keeping customer
Authentication: Keeping customer payment information safe in a digital age
30/01/2019
By Karl Barton, International Channels and Alliances at SecureAuth
https://www.globalbankingandfinance.com/authe...gital-age/
This helps to tackle the process of habituation and so render push-to-accept less susceptible to attackers.
SecureAuth worked with a large UK-based financial services enterprise to secure and protect its customer portals.
Arguably, the SS7 weakness was one of the driving forces behind NIST’s original proposal to phase out SMS-based OTPs.
SS7
However, once AT&T deployed the OOB Signaling scheme (SS7), wherein the signaling path was logically isolated from the voice traffic, their hacking problem went away immediately.
http://strikeforcetech.com/wp-content/uploads..._Paper.pdf
NIST
5.1.3 Out-of-Band Devices
An out-of-band authenticator is a physical device that is uniquely addressable and can communicate securely with the verifier over a distinct communications channel, referred to as the secondary channel. The device is possessed and controlled by the claimant and supports private communication over this secondary channel, separate from the primary channel for e-authentication. An out-of-band authenticator is something you have.