Get the ECT News Network Editor's Pick Newsletter » View Sample | Subscribe
Welcome Guest | Sign In
E-Commerce Times TechNewsWorld CRM Buyer LinuxInsider

E-Commerce Times Talkback

ECT News Community   »   E-Commerce Times Talkback   »   Re: Is That Really You? ID Theft and Multifactor Authentication

Re: Is That Really You? ID Theft and Multifactor Authentication
Posted by: Andrew K. Burger 2007-02-22 05:36:20
See Full Story

Cybercriminals are as gung-ho about perpetrating online fraud as financial institutions and the government are dedicated to preventing it. It's not so much the number of people who have fallen victim to ID theft, but the potential for serious loss and the possibility that you or I will become the next victim. However, ID theft may become increasingly difficult for the cybercriminals, even if they are armed with the user names and passwords.

Re: Is That Really You? ID Theft and Multifactor Authentication
Posted by: dmshaw 2007-02-26 03:33:39 In reply to: Andrew K. Burger
The article was well done, Mr. Burger, though a bit understated.
As we enter an era were more people, companies, and institutions become dependent upon the Internet to transmit/recieve high-value information, the situation will get worse rather than better. With a global economy increasingly dependent upon electronic exchange the security gaps grow unmanageable for the following reasons; more dispersed participants, larger amounts and types of content, varied types and numbers of access devices and applications, and a need for real- or near real-time exchange. Where's the log jam? The dependence upon centralize authority to authenticate the exchanges. A paradigm shift is needed to enforce authentication rule-sets at the content level, not at the perimeter; a Content-Centric Security (CCS) rather than a network-centric approach should define the new rule-sets.
CCS technology addresses the five key information security problems: insider trust issues, complexity of centralized security profile databases, privacy issues, smart card security, and cross-domain security infrastructure incompatibility. CCS has profound implications, systemically altering information security and authentication applications. CCS enables one to create self-governing controls into the content itself. This disruptive approach supports end-node authentication and the ability to securely and efficiently exchange data across domains that historically have had interoperability problems. Since the content itself become “self-sufficient” in terms of its security and authentication requirements, the technology eliminates the need to maintain centralized infrastructure which separates authentication procedures from content, leaving data subject to manipulation and malware.

Re: Is That Really You? ID Theft and Multifactor Authentication
Posted by: generic13 2007-02-22 05:56:51 In reply to: Andrew K. Burger
Substantial effort needs to be done on the consumer level to help unsuspecting individuals from falling victims to Phishing scams and the like. It is one thing to develop technology to try to determine whether the respondent is real or fake. It is another thing to educate individuals so they refrain from providing their information to online criminals. For every technology advance to identify fraudsters, there is likely to be technology advances by fraudsters to counter measure. Hence, what is lacking, is a substantial education effort to unsuspecting online users. With tens of millions of search results found on the web for Identity theft matters, it is also difficult for consumers to know what the best source for their ID theft protection should be. Some sites, such as are trying to provide a single source for valuable protection and prevention information and services, in a concise ranked and scored manner. That could help, as long as individuals become smarter than the fraudsters....
Jump to:
When an operating system upgrade is released for your personal computer, how soon do you install it?
ASAP -- I like to have the latest software and security features as soon as they become available.
After a Couple of Weeks -- I wait a little while in case there are problems reported by first users of the new OS.
After One Month or Longer -- I'm skeptical of new software versions and want to be confident that bugs have been fixed.
Maybe Never -- If my computer is working, my view is "If it ain't broke, don't fix it."