As high-profile security breaches continue to mount, it is becoming increasingly clear that businesses can't just sit back and hope they don't become a victim.
August 07, 2013 — CSO — Brute force attacks to pry login credentials from content management sites like blogs have been growing as more data robbers use a short-term gain for a bigger pay-off later on.
Such sites are attractive targets because they tend to be less secure than other environments -- such as financial services -- and since they're interactive by design, "drive-by" malware planted on them can infect a lot of users quickly, said David Britton, vice president of industry solutions at 41st Parameter.
The proposed Medicare Common Access Card Act would create a series of pilot programs to embed secure chips on Medicare identification cards. The aim of the act is offer seniors more protection for their identities while reducing fraud and waste in the strained Medicare system.
Non-payment NFC applications are not one-size-fits-all where the same level of security is required or needed. For example, you don’t need the same level of security for a coupon as you would an identity application. Application developers know this, too, and incorporate the appropriate amount of security depending on the application. Applications that use sensitive data such as you identity information will always be stored in the secure element, where it cannot be tampered with or stolen.
NFC mobile payments are very secure. NFC-enabled mobile devices, which are readily available today, have a chip inside of them called a “secure element.” The payment application and your payment account information is stored in this special chip, making it invulnerable to attack. The method through which your mobile device relays information wirelessly is also very secure. The communication between a mobile phone and point-of-sale terminal use a globally recognized standard called ISO 14443 – this is the same standard used today for EMV and U.S. contactless payment cards.
A secure element, sometimes called an SE, is a special chip inside of a NFC-enabled device. It is a temper-resistant platform that can securely host applications and their confidential data. When a NFC application requires very high levels of security – such as a payment applications – it is housed inside of the secure element, and you can trust that your information will not be stolen or attacked.
Gmail offers its 425 million plus active users worldwide the ability to strengthen the security of their accounts through “2-step verification” with one-time passwords (OTPs). According to Gmail, “It’s an extra step, but it’s one that significantly improves the security of your Google Account because it requires the powerful combination of both something you know—your username and password—and something that only you should have—your phone.”
An advanced Facebook security option, “login approvals,” uses one-time password (OTP) codes to verifying your identity when logging in to your account. If you turn this feature on in your Security Settings page (> Account Settings > Security), you'll be asked to enter a special OTP login code each time you try to access your Facebook account from a new computer or mobile phone. This can help prevent a hacker from hijacking your account.
Facebook is a good example of how to use mobile devices to enhance online security. If you have associated your mobile phone with your account, you can text 32665 with the message “otp” and Facebook will text back a one-time special code you can use to login to your account. You can also use the Facebook mobile app “Code Generator” to create OTP codes.
1. Educate yourself about how identity theft happens. Remember you are the most important part of your identity and personal information security.
2. Protect your personal information. Shred financial documents and paperwork with personal information; don’t just throw them in the trash.
3. Don’t make your wallet a one-stop-stealing opportunity. Don’t keep social security numbers, birthdays and other personal information in your wallet.