Blog Archives

The Evolution of Fingerprints from the Device to The Cloud

Central to any Privilege Entitlement Access Control negotiation is the concept of “risk”.  The level of potential risk to the asset or service determines the required level of security, including strong user authentication, before access is granted.  Further, the binary decision to deploy strong authentication, including biometrics, is also risk based and, specifically economic risk-based, which can also be viewed as economic feasibility.  Stakeholders won’t deploy it if they lose money at it. The reason industry stakeholders and technology leaders …

Secure Mobile Credentialing & Identification

The evolution of Privilege Entitlement & Access Control Systems toward a single user profile for multiple services across multiple devices “Our passwords are failing us.” said Michael Barrett, PayPal’s Chief Security Officer.  He’s not alone.  According to the Verizon 2013 Data Breach Investigation Report, roughly 76% of all data breaches were enabled by weak credentialing and user authentication.  Thus, we might safely say that most, if not all of our traditional security measures do little to close credentialing vulnerabilities.  If that’s …

THE DEFINITION OF INSANITY

http://secureidnews.com/news-item/financial-services-research-committee-makes-identity-a-priority/?tag=email This article should be interesting to you, if you have an interest in Biometrics and BIO-key.  Its great to help understand what needs to happen to reduce or even eliminate user authentication related crimes and waste.  It also helps to conceptualize how biometrics will be used in the commercial user-authentication marketplace, like in banking.   The article describes a research committee in the financial industry that hopes to develop platforms, systems and maybe standards to thwart data breaches and other …

76% of Breaches enabled by Weak Credentials according to Verizon

You’ll hear us repeat phrases like “Secure Credentialing” or “Privilege Entitlement and Access Control“.   That’s because it’s actually the correct way to think about things like Mobile Payments.  After all, what are “Mobile Payments”?  Aren’t they your ability to pay, crammed into your phone?  What are we cramming into that phone?  A credit card or debit card?  What’s that?  A credit card is nothing but a piece of plastic, with a number written on it, that represents your PRIVILEGE …