Fighting Fraud With Strong Authentication
- LANGUAGE: English DATE: Thursday, November 21, 2019 TIME: 4:00pm CET, 10:00am EST, 7:00am PST
Strong authentication is one cornerstone of web security. However, account enrollment and account recovery processes are leaving gaps in the credential management lifecycle that allow bad actors to perform account takeover and get into our networks. Increasingly, these bad actors aren’t even real. Stolen identity information that is used to create new fake IDs, known as synthetic identity fraud, is a fast-growing form of fraud.
Higher assurance processes can block fraudulent account creation and takeovers. These same high-assurance processes, such as new remote, possession-based techniques using biometric “selfie” matching and government-issued identity document authentication, also help advance portable identity or decentralized identity initiatives.
In this KuppingerCole webinar you will learn about:
- Concerns about the increase in financial fraud and identity theft
- The digital identity/credential management lifecycle as it works today
- Areas in the enrollment and recovery processes for fraud including where synthetic identities can sneak past KYC processes
- The use of biometrics, AI and remote document authentication for initial onboarding and recovery
In the first part of the webinar, KuppingerCole Lead Analyst John Tolbert will discuss concerns about the increase in financial fraud and identity theft and give an overview of some of the most common methods used for attacks in these cases.
He will be joined by Andrew Shikiar, Executive Director and CMO of the FIDO Alliance, who will step through KYC processes in alternative scenarios which put higher assurance processes into place to show how they can block fraudulent account creation and takeovers.
The FIDO (Fast IDentity Online) Alliance is a 501(c)6 non-profit organization nominally formed in July 2012 to address the lack of interoperability among strong authentication devices as well as the problems users face with creating and remembering multiple usernames and passwords. The FIDO Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to securely authenticate users of online services. This new standard for security devices and browser plugins will allow any website or cloud application to interface with a broad variety of existing and future FIDO-enabled devices that the user has for online security.
In the face of increasing cyber-attacks by cybercriminals and nation-states, most organizations are investing in filling in the gaps in their cyber defenses, but as the landmark SolarWinds supply chain breach showed, securing Microsoft Active Directory (AD) is vital, but often overlooked.