Viewing posts tagged Two Factor Authentication
will-the-ffiec-guidelines-be-a-driver-for-the
Posted by: admin 16 years, 3 months ago
There is a great post on DigitalID World by Eric Nolan about the recent FFIEC guidelines regarding two-factor authentication being a driver for the strong authentication market, much as other compliance rules have boosted the identity management marketplace. It is a very insightful article and worth the read. I have some comments though:
wikid-tricks-for-your-thumb-drive
Posted by: admin 16 years, 3 months ago
It's all about thumb drives these days. In particular, today. I spent a lot of time today talking to one of our OEM partners about where they ordered custom logo USB drives for one of their customers so I could get a quote for one of our prospects who also wants custom logo USB drives for an online banking application. Now, I see that we have a small mention in 12 Tricks To Teach Your USB Thumb Drive (#9). I'm not sure it's accurate, though. It seems to suggest that you can secure your PC with WiKID. Really, WiKID is a form of two-factor authentication meant to help secure network-based communications services such as VPNs and websites. The article mentions that, but I think it's a bit unclear. WiKID can be used to add two-factor authentication to GoToMyPC but only their corporation version using RADIUS, which also means using our Enterprise version.
zone-h-attack-really-a-dns-hijacking
Posted by: admin 16 years, 3 months ago
According to the Register, the recent 'defacement' of Zone-H was really a DNS hijacking. While it is not clear how the attackers took control of the domain, it points out the DNS system is not a reliable security mechanism. It is less likely that an attacker would get control of a major financial institution's DNS registration (or is it?), but DNS-cache poisoning is very likely.
the-start-of-a-trend
Posted by: admin 16 years, 3 months ago
One can hope: An eternal optimist asks Enterprise Vendors to pave the way for two-factor authentication.
world-of-warcraft-gets-two-factor-authentication
Posted by: admin 16 years, 3 months ago
As we noted way back in 2006, the value in gaming credentials will bring out the fraudsters. Now Blizzard is offering tokens for WoW. Cue the "If I can get it for WoW, why not my bank" blog posts:
I agree with the sentiment but I wanted to start a conversation regarding why you won't be seeing these tokens in the mail from your bank any time soon. The reason most banks, e-commerce sites, and even corporate VPN connections aren't protected by two-factor authentication can be broken down into a few reasons:
- cost: additional cost to customer, shipping, inventory, infrastructure, licensing, staff, overhead, etc.
- complexity: dealing with lost tokens, mistyped numbers causing locked accounts, countless help desk calls, etc. If you are locked out of your WoW account you can't play a game, when you are locked out of your bank account you can't pay bills, transfer funds, check your balance, etc. Simply put, the downside risk of customer convenience is greater than the upside risk of greater levels of security.
- motive: Blizzard is providing these tokens to help secure customers' accounts, but also to further secure their future revenue stream and also to combat piracy and cheating, in short, it makes business sense. Banks don't typically suffer very much if a customer account is breached as they very rarely take the hit themselves but instead either insure against the loss (either federally or privately) or simply pass the costs onto customers.