Organisations must employ a multi-layered approach to fraud prevention if they are to thwart increasingly persistent hacking attacks that can now circumvent two-factor authentication devices, according to analyst firm Gartner.

In a new report released today, Where Strong Authentication Fails, Gartner recommends that organisations firstly monitor user access behaviour, by analysing all of a user's web traffic and spotting any automated programs.

Firms also need to keep an eye out for suspect transaction values, by looking at a particular transaction and comparing it to a profile of what constitutes "normal" behaviour. Out-of-band transaction verification can be used to further secure a transaction, by enabling the user to verify via a phone call.

"Fraudsters have definitely proven that strong two-factor authentication processes can be defeated," said Litan.

"A layered fraud prevention approach that includes server-based fraud detection and out-of-band transaction verification that precludes call forwarding to illegitimate user phone numbers has been proven to mitigate these threats.

"Gartner clients who have fended off such attacks have done so with either automated fraud detection or manual review of high-risk transactions."

Litan warned that while such attacks have thus far been targeted at financial institutions and their users' accounts, they are likely to "migrate to other sectors and applications" that contain sensitive data in the future.