Authentication

Whether data leaks come from internal mistakes and exposures or from direct hacking, the outcome is the same. Data is exposed and cybercriminals are using it for fraud today, next year or several years from now, says NuData's Rosemary O'Neill.

Stephen Ranzini, CEO of University Bank, says The Clearing House's RTP and Early Warning's Zelle handle enrollment, encryption and authentication insecurely.

Ahead of the busiest shopping period of the year, CaixaBank is embracing facial recognition retail payments, an option that has met with pushback elsewhere.

Airlines have become a magnet for online fraud, as criminals refined methods to tap channels with higher payoffs.

Anticipating demand from internet of things and advanced smartphones, Fingerprint Cards AB has launched a new multi-biometric technology platform that combines iris screening with facial recognition.

With simple passwords more vulnerable than ever, a growing number of CUs are deploying multifactor authentication techniques to bolster security.

As requirements change, open standards can help governments feel confident that solutions are agnostic, flexible and safe from vendor lock-in, says the OSPT Alliance's Luiz Guimaraes.

MFA stops broad attacks, but more targeted hacks can still get through, says KnowBe4's Roger Grimes.

The facial recognition development trail is dotted with starts and stops in its search for consumer adoption, from Mastercard's "selfie pay" to Apple's 3-D facial scan tests and the Federal Trade Commission's approval of biometric authorization.

Canada is often at the forefront of payments innovation, with active fintech hubs and a national initiative to restructure the country’s transaction system for e-commerce. Yet outdated attitudes about identity risk linger, showing how hard it will be to achieve global digital ID at scale.

With passive biometrics, customers are identified by their behavior online and not by static data such as passwords or one-time codes, says NuData Security's Justin Fox.

Unlike using cash in the analog world, on the Internet everybody--including hackers--leaves digital traces, says Bird & Bird's Martin von Haller Grønbæk.

Contactless payments need added security to adhere to PSD2's strict new identity guidelines, says Fingerprints' Lina Andolf-Orup.

Consumers and banks are both concerned about security tied to contactless payments, says Fingerprints' Lina Andolf-Orup.

Even though security vendors and payments providers are telling merchants they are ready to provide compliance for PSD2 on Sept. 14, a significant challenge remains in the learning curve and technology needs for merchants.

Static fraud prevention has no place in the current digital world, says Accertify's Stuart Mann.

It's not on consumers to fix this problem, says NuData Security's Justin Fox, who argues organizations must get more cooperative and proactive to improve authentication.

The patent office is getting buried in applications for distributed ledger systems, a mountain of documents that chart a clear course toward making static identity and password protection irrelevant.

U.S. firms have been reliant on data aggregators like credit bureaus and other data companies to provide identity verification services, says Entersekt's Jennifer Singh.

The tougher authentication standards will take time and effort, but will strike a blow against fraud, writes Andrew Mortland, vice president of product at Accertify.