Companies that are compromised by hackers can not afford to shift responsibility to customers for “weak” passwords, says security researcher Yiannis Chrysanthou.
Rather than focussing on something the user knows, like a password, they should focus on introducing multi-factor authentication based on something the customer has, like a smartcard, or something a customer “is,” like fingerprint verification, in order to make credential theft and impersonation much harder.
Chysanthou, who is part of KPMG’s cyber security team, made the comments in response to a series of high profile attacks on internet-based businesses. “Organisations seem to believe that if they force users to pick long complex passwords and then store them only in their cryptographically hashed formats, they are relatively safe,” he said. “The reality is that we hear of password breaches time and time and again, and this needs to change!”
The problem with focussing on passwords, says Chrysanthou, is that these are often encrypted and stored in a database alongside usernames and emails. Once hackers have stolen and published the database, these cryptographic algorithms are often hacked within a matter of days.
“Multi-factor authentication will block traditional attacks relying on guessing or stealing a user’s password because the password itself will no longer be sufficient. Of course this extra security comes with increased investment but the improved customer protection makes it viable and valuable,” he said.
The US money market fund reforms came into effect in 2016 and are already dramatically shaping US fund industry with investors flooding out of prime funds and into government securities. While the reforms are similar, they are not the same. GTNews interviews Yeng Bulter, global head of the cash business at State Street Global Advisors on the differences.
As the May 25 deadline for Europe’s General Data Protection Regulation (GDPR) inches closer, many treasurers are being lumped with the task of ensuring their wider company is compliant.
APIs may be a solution to MT940 challenges, says Karen Fagan, treasury operation manager, for British television company, ITV.
#PSD2FinishLine recently started trending on Twitter. As the country slowly grows in excitement throughout the month of November, with the C-word on ... read more