Tag: Data breach

There is no winner in the case of bank vs.…

Several weeks of harsh headlines explaining the tough battle of customers versus bank lawsuits and cybercrime.
In early June, a court in Maine ruled in favor of Ocean Bank in an ACH fraud lawsuit, stating that, “having verified IDs, passwords and requested challenge response questions, it acted in good faith by processing the ACH payments and Patco (the customer) was to blame for letting its details become compromised.” Recently, however, it appears that the opposite has occurred, when a ruling from a Texan judge favored the business which had been the victim of fraud.

Bank lawsuits expose legal confusion over cybercrime

In two consecutive weeks we saw headlines made by customer versus bank lawsuits relating to cybercrime. One judge ruled that questions and answers were good enough to protect the customer. Then, a separate judge rules that the bank should have detected a mere 100 wire transfers from an account after IDs, passwords, and its OTP token password were compromised. Who was right?

How to use your mobile authentication

Mobile phones are fast moving beyond communications, beyond gaming, social and productivity tools, to take on a vast number of new applications thanks to the use of NFC-based technology and data services. We’re theoretically able to unlock hotel rooms, pay for groceries, secure deals with location-based vouchers and work on the go. We can do […]

Online Privacy and Security Top of Mind in Congress

Our lives are increasingly online, making work and play more convenient and efficient.  At the same time, the attacks on our computers and networks continue to increase. It seems like every day we read of a new data breach that has put personal identity information and corporate data in the hands of criminals.  Most recently, […]

Risk-appropriate authentication vs machine fingerprinting

A recent Wall Street Journal article on the insecurity of passwords confirmed what many of us have believed for some time – the days of password-only authentication are numbered. As well as highlighting the passwords that no one of sane mind should consider using (‘123456’ or ‘password’, anyone?) it also considers some of the various […]