Page 13 - Cyber Warnings
P. 13
rocketing. This growth also comes with an increased security risk, and companies offering these
payment methods are continually challenged to provide processes that will build trust, ensure
safety and reduce fraud, while simultaneously maintaining convenience.
In a recent Business Insider article, Malcom Marshall (Global Head of Cyber Security with
KPMG International) sheds light into the problems with passwords: “It’s time we found ways to
get rid of the password. They are no longer viable and considering the extent of how much we
live our lives online, we need to find ways to make ourselves more secure. After all, think of how
many passwords we use and how hard it is to remember them all. Even I have had to constantly
reset my passwords because I keep forgetting them,” said Malcolm Marshall, Global Head of
Cyber Security practice at “Big Four” accountant and consultancy KPMG International. While a
step in the right direction, multi-factor authentication methods are missing the mark; the use of a
password or security code is not a secure way to confirm an individual is the said owner of an
account. Password and codes passed via mobile devices can be hacked and there is no proof
that the mobile device is in the passion of the owner.
A recent report from the National Institute of Standards and Technology referred to the process
of multi-factor authentication as insecure because the phone may not be in possession of the
number and the SMS may be interrupted. However, for a better approach, utilizing a
combination of one or two government issued IDs with live photo and facial recognition,
companies can ensure that an ID is valid and the person in possession of the ID is in fact the
genuine ID owner.
Facial recognition is also the first step in knowing a business’ customer – and ensuring that the
person trying to access private information is in fact the appropriate person attempting to do so.
Facial recognition providers can turn a smartphone or computer into an ID scanning terminal
that captures and verifies an ID and other credentials to meet Know Your Customer (KYC)
requirements – and ultimately reduce fraud. The missing piece within the password puzzle is
one that offers digital identity verification – or facial recognition that includes liveness. This
technology can replace passwords by identifying and authenticating users for all online services,
including commerce and banking. It enables apps, websites and other services to recognize
users, and therefore dramatically change how we make online transactions all while decreasing
the potential for fraud and identity theft.
About the Author
Stephen Stuut, CEO of Jumio
13 Cyber Warnings E-Magazine – September 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
