How Do You Use "Subconscious Metrics" To Validate Identity?
By Ryan Wilk, Director of Customer Success, NuData Security
Identity theft is the most common consumer complaint in America, as chronicled by the Federal Trade Commission’s annual report. Consumers were already a bit wary about the safety status of their online and store accounts — and then the data breach tsunami hit. Many household names were tarnished due to inadequate defense strategies to combat the innovative minds of cybercriminals.
Credit card numbers are often the treasure being sought, as they can either be auctioned off on the black market or used on other e-commerce sites to fraudulently purchase goods and services. While dealing in stolen financial data is still a moneymaker, another digital commodity is gaining in value: usernames and passwords. Last year, a Russian hacker group made off with over a billion of them in just one attack! Because many people use the same credentials across multiple Web accounts, a cascading effect occurs if a hacker gets hold of those credentials. Suddenly, all those accounts can be accessed — including emails accounts, if those credentials work for email as well.
Companies are constantly searching for the best method to protect their users. Popular methods to validate users include sending an SMS message to a user’s cell phone and knowledge-based authentication (KBAs), in which users answer pre-defined questions (“Who was your fourth grade teacher?” “What’s your favorite book?” etc.) While these methods provide an added layer of protection, they also add customer friction, potential customer insult and lost conversions, all of which a business wants to avoid.
Please log in or register below to read the full article.
Get unlimited access to:
Enter your credentials below to log in. Not yet a member of VAR Insights? Subscribe today.