Slide background

The Entersekt blog.

Industry news, security threats, and technology advances in consumer authentication
Passwordless authentication: The future is here

Passwordless authentication: The future is here


Passwords suck! There, I said it. We've all heard it said many times before, but it’s worth repeating. The concept of gate-keeping access to digital services with a username and password may have been appropriate, and even good practice, in the early days of computing when a person might only have one or two logins to maintain. However, in today’s world where people have hundreds of accounts, they tend to re-use one password for multiple accounts or outsource the job to a password manager service. And even if you do manage to create a complex and unique password for each account, and remember it at the time of login, there is still the problem of data breaches, which are becoming all too common. 

Read More ...

Snippet: With seven billion mobile phone subscribers globally, it’s imperative the financial services industry move quickly to roll out retail and corporate banking services on the one device their customers always have with them: their mobile phone.

With seven billion mobile phone subscribers globally, it’s imperative the financial services industry move quickly to roll out retail and corporate banking services on the one device their customers always have with them: their mobile phone.

Snippet: While online banking fraud is not new, the losses that stem from it continue to increase year after year, as if today’s institutions are either unaware or unconcerned with the problem.

While online banking fraud is not new, the losses that stem from it continue to increase year after year, as if today’s institutions are either unaware or unconcerned with the problem.

Snippet: It is no secret that one-time passwords (OTPs) have outlived their expiration date. These one-off strings of digits have proven to be neither secure nor convenient, especially when generated and dispatched to the customer’s mobile phone via the SMS channel, which is one of the most popular OTP delivery methods used by banks around the world.

It is no secret that one-time passwords (OTPs) have outlived their expiration date. These one-off strings of digits have proven to be neither secure nor convenient, especially when generated and dispatched to the customer’s mobile phone via the SMS channel, which is one of the most popular OTP delivery methods used by banks around the world.

Snippet: Another week brings us news of yet another breach of online systems supposedly protected by one-time passwords, this time at 34 banks in Switzerland, Sweden, Austria, and Japan. At this point, I’m strongly tempted to edit one-time passwords out of the Wikipedia article on multi-factor authentication.

Another week brings us news of yet another breach of online systems supposedly protected by one-time passwords, this time at 34 banks in Switzerland, Sweden, Austria, and Japan. At this point, I’m strongly tempted to edit one-time passwords out of the Wikipedia article on multi-factor authentication.

Snippet: The intensity and sophistication of account takeover attacks continues to rise inexorably. Security breaches at trusted companies are in the news on a daily basis, with stolen consumer data acting as the new currency of the digital underworld.

The intensity and sophistication of account takeover attacks continues to rise inexorably. Security breaches at trusted companies are in the news on a daily basis, with stolen consumer data acting as the new currency of the digital underworld.

Snippet: Barely a day goes by without news of a high-profile security breach or announcement of a major security flaw affecting the Internet. Consumers have never felt more unsafe using digital channels to transact than they do now, but their use continues to grow nonetheless.

Barely a day goes by without news of a high-profile security breach or announcement of a major security flaw affecting the Internet. Consumers have never felt more unsafe using digital channels to transact than they do now, but their use continues to grow nonetheless.

Snippet: The king of financial malware, Zeus, has many variants and one particular variant, the Citadel trojan, continues to pose a significant global threat, despite the rumors of its withdrawal from the crimeware market.

The king of financial malware, Zeus, has many variants and one particular variant, the Citadel trojan, continues to pose a significant global threat, despite the rumors of its withdrawal from the crimeware market.

Snippet: Zeus-in-the-mobile, or “Zitmo”, is the first program specifically designed to steal mobile transaction authentication numbers (mTANs) without mobile users noticing. The mTAN is an SMS-based form of one-time password (OTP) widely used by financial institutions for online transaction authentication.

Zeus-in-the-mobile, or “Zitmo”, is the first program specifically designed to steal mobile transaction authentication numbers (mTANs) without mobile users noticing. The mTAN is an SMS-based form of one-time password (OTP) widely used by financial institutions for online transaction authentication.

Snippet: While we have established that 3-D Secure has proven beneficial to the industry by reducing fraud, lowering issuers’ operational costs and increasing card usage and retention, adoption of the standard is still being met with resistance from skeptics within the industry.

While we have established that 3-D Secure has proven beneficial to the industry by reducing fraud, lowering issuers’ operational costs and increasing card usage and retention, adoption of the standard is still being met with resistance from skeptics within the industry.

Snippet: The introduction of chip and PIN cards has significantly reduced cloning as a source of card fraud, particularly in Europe, but fraudsters, never idle for long, have switched their focus to a softer target – card-not-present online purchases.

The introduction of chip and PIN cards has significantly reduced cloning as a source of card fraud, particularly in Europe, but fraudsters, never idle for long, have switched their focus to a softer target – card-not-present online purchases.

Entersekt Logo

Entersekt is an innovator of customer-centric fintech solutions. Financial services providers and other enterprises rely on our patented mobile identity system to provide both security and the best in convenient new digital experiences to their customers, irrespective of the service channel. With us, they can concentrate on their innovation roadmap, while delivering intuitive, low-friction digital experiences to their customers.