Authentication News, Articles and Updates

Patch Tuesday: Microsoft patches Remote Desktop Protocol exploit

This month's Microsoft patch Tuesday included more than 70 patches 15 of which were marked as critical and one that could exploit authentication in Microsoft Remote Desktop Protocol.

Letter to the Editor: Biometrics misunderstood - causes death by starvation

Indian woman dies of starvation because of failures in system for biometric authentication for rations; her status is wrongly changed, unknown to victim who then receives reduced rations.

POS vulnerability affecting 300,000 systems patched by Oracle

Oracle recently patched a Micros point-of-sale vulnerability which could have allowed an attacker to read any file and receive information about various services without authentication from a vulnerable MICROS workstation.

Countdown to PSD2: Kill passwords to stay alive

Adopt dynamic authentication of customers for each interaction they perform, and do it as seamless and frictionless as possible: use the mobile devices we all carry. Too much is at stake to rely on shared secrets' as safeguards.

P455W0rDS: How secure is yours and is it time to retire it?

Relying on usernames and passwords to authenticate user identity is irresponsible. If one of your tweaked passwords is lost or stolen, you should throw all versions of it away as hackers know that people tweak passwords.

FIDO promotes device-based unified authentication standards

The FIDO Europe Working Group launched today with the aim of accelerating the use of FIDO authentication standards in Europe. SC Media UK spoke to Alain Martin, co-chair of the new FIDO Europe Working Group.

"Smarter" authentication has arrived - with behavioural biometrics

Smart devices demand smart authentication, with frictionless security in the background, not impacting usability - and behavioural biometrics is one option that may be able to deliver suggests David Vergara.

Can the enterprise trust smartphone verification technology?

73 per cent of fraud professionals think mobile devices will be the primary identity verification technology in the coming years. Yet 60 per cent also said that this will be biggest single point of compromise as well.

Interview: Dr Fatemi Ardakani, director, Bank Melli Iran: ID & authentication

Clearer definitions between privacy, security, and trust - a mix of these areas can be a great place for innovations. Identification and authentication are two particular areas that lots of innovation can happen says Dr Fatemi Ardakani

Rise in use of biometrics products for cyber-security, report predicts

As fraud rises, a new report has revealed that biometric-based authentication is set to become more prevalent in the UK.

[updated] UK Parliament records "unauthorised attempts" to access MP accounts

Following the theft and attempted sale of login details believed to belong to MPs, peers and parliamentary staff, Parliament has confirmed it has seen "unauthorised attempts" to access "less than one percent" of those accounts.

Wimax routers found to contain backdoors allowing authentication bypass

Old Wimax routers have been found to contain backdoors and could enable hackers to bypass authentication researchers have now disclosed, aiding use for DDoS attacks.

2017 authentication trends - getting beyond first base identification

Raz Rafaeli looks at top trends that can be expected in authentication this year and what it means practically for organisations and individual users.

Should world password day be a thing of the past? Dynamic MFA urged

Dwayne Melancon discusses the future of authentication and why a layered approach to security trumps the flimsy password - both in terms of user experience and security - with dynamic multi-factor authentication preferred.

Microsoft Pen Authentication: do we need yet more biometric tech?

As Microsoft files a patent for secure user authentication using a stylus, SC Media UK asks if the world needs yet more biometric security?

Intuitive image-based passwords - succeeding text-based passwords

Biometrics should be used with another authentication factor and needs to depend on passwords as a recovery mechanism says Hitoshi Kokumai, thus other alternatives to text passwords are needed - such as images.

Six key vulnerabilities identified within industrial control systems

Six key vulnerabilities have been identified within industrial control systems that adversaries can use to undermine critical infrastructure operations.

83% of ITDMS say their organisations won't use passwords in five years

Four out of five ITDMs predict that their organisations will be passwordless in five years.

Why biometric id won't mean the death of the traditional password

Biometric identification might be the latest weapon in the cyber-security battle, but it is not without risk. Lee Painter argues that those risks mean the traditional password won't be disappearing any time soon. January update contains details of 191 million people

Highlighting the pertinence of strong password practices, the update comes as E-Sports Entertainment Association announces leak affecting 1.5 million people.

Domino's Pizza advises customers to change their passwords

Pizza purveyor Domino's Pizza has advised its customers by email to change their account password to one which is strong and unique to avoid fraudulent account activity, owing to recent large-scale data breaches and password reuse across multiple websites.

Multi-factor authentication — it's not as good as you think

François Amigorena argues that multi-factor authentication impedes end users and slows them down in their jobs, and goes into detail about how context-aware security works in the background to secure users

Mastercard plans to authenticate transactions using selfies

Mastercard plans to authenticate transactions using selfies and thumb-prints, in a bid to move away from traditional username and password authentication, and make the payment process as frictionless as possible.

e-Signatures & eIDAS - what you need to know

David Alexander discusses three ways in which the new EU e-Signature Regulation will affect wealth management companies.

Biometric authentication - are the Brits too trusting of biometric security?

André Malinowski discusses his view on how Britain is too trusting of biometric security

Letter to the Editor: Biometrics - does it strengthen or weaken security?

Biometrics can actually weaken authentication security if not implemented correctly says Hitoshi Kokumai, who asks, what exactly does the NIST Authentication Guideline have to say on this issue?

Google to add sender authentication to Gmail

In a bid to protect its users from phishing and malware, Google has adopted the DMARC protocol and will warn users if it can't authenticate the source of emails.

UK testing social media logins for authentication

To enhance the use of its web portal,, the UK government is testing the use of its subscribers' social media logins as an authentication method.

Biometric data: security and ease negate passwords, but is it private?

Compared to passwords, authentication through biometric data is simpler to use and can be much more secure.

37% of Brits share personal login details with friends or partners

Over 10 percent of the UK population has pretended to be someone else online by snooping or sending messages through someone else's social media or email accounts without their permission.