Blog Archives

Does Apple or FIDO care about a Trusted Source?

How does Apple or FIDO know you are the person that is authorized to access that phone? Or, how does the 3rd party applications (apps) that are accessed through the phone know you are the person authorized to have access? The fingerprint sensor? Well, what if that mobile fingerprint authentication capability isn’t very accurate? What if it’s spoofable because the technology doesn’t use enough data to authenticate the user with a high degree of assurance?  Given both Apple and Samsung’s …

The Evolution of Fingerprints from the Device to The Cloud

Central to any Privilege Entitlement Access Control negotiation is the concept of “risk”.  The level of potential risk to the asset or service determines the required level of security, including strong user authentication, before access is granted.  Further, the binary decision to deploy strong authentication, including biometrics, is also risk based and, specifically economic risk-based, which can also be viewed as economic feasibility.  Stakeholders won’t deploy it if they lose money at it. The reason industry stakeholders and technology leaders …

Secure Mobile Credentialing & Identification

The evolution of Privilege Entitlement & Access Control Systems toward a single user profile for multiple services across multiple devices “Our passwords are failing us.” said Michael Barrett, PayPal’s Chief Security Officer.  He’s not alone.  According to the Verizon 2013 Data Breach Investigation Report, roughly 76% of all data breaches were enabled by weak credentialing and user authentication.  Thus, we might safely say that most, if not all of our traditional security measures do little to close credentialing vulnerabilities.  If that’s …

THE DEFINITION OF INSANITY

http://secureidnews.com/news-item/financial-services-research-committee-makes-identity-a-priority/?tag=email This article should be interesting to you, if you have an interest in Biometrics and BIO-key.  Its great to help understand what needs to happen to reduce or even eliminate user authentication related crimes and waste.  It also helps to conceptualize how biometrics will be used in the commercial user-authentication marketplace, like in banking.   The article describes a research committee in the financial industry that hopes to develop platforms, systems and maybe standards to thwart data breaches and other …

Join us for a Webinar on Alternatives to Passwords

You and your customers need to eliminate or minimize the use of passwords. Why? Because passwords simply aren’t secure.  Passwords can be easily be lost, stolen or shared. Learn about the role of biometric technology today and tomorrow; as it relates to authentication by joining a webinar hosted by CA Technologies and featuring BIO-key. Who should attend? Everyone that works with or utilizes CA SiteMinder. Anyone that would like to replace passwords with a more secure and convenient solution. Security …