ST. MICHAEL'S OPENS DOORS WITH HELP FROM ERA » David Stapleton and Era’s Tania Tams with Mrs. Grundy and pupils at St Michael’s First School Vig... 17% growth ensures Nationwide Platforms remains wo... » Nationwide Platforms has once again retained its position as the world’s largest IPAF provider after... Le Pen Seeks Anti-terrorism Operations in Chad...B... » "Well, Marine Le Pen may be able to save France from abroad. But hold on for a minute, do you really... Synectics to showcase urban transport surveillance... » David AindowUrban transport networks are in danger of data overload. Guarding against emerging secur... TomTom Telematics collaborates with SOTI » TomTom Telematics has announced a collaboration with SOTI that will see the company’s popular flag... Dimension Data launches support and managed servic... » London, United Kingdom: Dimension Data has extended its current offering with Cisco Meraki. This inc... LOCKEN ANNOUNCES STRATEGIC COLLABORATION WITH ISEO » Leading developers of cable free access control, LOCKEN and ISEO Group, an Italian based designer,... Sopra Steria finds UK citizens want more secu... » London: Sopra Steria has revealed that UK citizens are keener than ever to use digital public servic... World’s top education experts to answer key q... » Education experts, Edtech entrepreneurs and an assortment of thinkers, analysts and administrators f... HAUD gives more value through its Traffic Audit ... » Singapore: HAUD has now established itself as a market leading SMS firewall provider, and through ex...

CLICK HERE TO

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Appointments

Earlier this week, AdaptiveMobile released a blog post which examined application-to-person (A2P) SMS banking scams, specifically as they relate to identity theft. Attackers are increasingly using creative social engineering led approaches to trick individuals into giving away personal information, allowing an attacker to impersonate a victim resulting in financial gain for the perpetrator. The post also looked at the recent Barclay’s TV advert which examines the same topic.

 

Commenting on this, Robert Capps, VP of business development at NuData Security, said: "The lack of standard trust indicators in SMS, coupled with the seemingly organic deployment of SMS as a messaging and authentication channel for online transactions, has not only led to consumer confusion. It’s also opened a wide channel for fraudsters to socially engineer consumers into disclosing their personal information.

It’s also not an unique attack. Other convenient forms of consumer communication like email and telephone calls have been utilised by cyber criminals in similar ways in the past, so perhaps it’s no surprise to find creative uses of the same old trick being employed.

At the root of this issue, is the continued reliance on the traditional (but tired) username and password authentication framework. It’s still the sole method of verifying consumer identity in many non face to face transactions. Coupled with weak auxiliary authentication schemes that have been duct taped on top of this framework, such as SMS challenges, and secret questions and answers, it’s no wonder that consumer authentication is a mess.

Traditionally, online authentication boiled down to a choice between “effective”, “easy” and “low friction”, where you can only pick two options. Execs are always biased toward tangibles, so the option usually left on the ground was customer experience (friction). Growing respect for the value of customer experience, plus advances in behavioural techniques and evaluation of human interactional signals, has injected new life in to these tired techniques. The great part about these new behavioural authentication technologies is that they provide real security for customers and their accounts, without negatively impacting the customer experience.”