As high-profile security breaches continue to mount, it is becoming increasingly clear that businesses can't just sit back and hope they don't become a victim.
August 07, 2013 — CSO — Brute force attacks to pry login credentials from content management sites like blogs have been growing as more data robbers use a short-term gain for a bigger pay-off later on.
Such sites are attractive targets because they tend to be less secure than other environments -- such as financial services -- and since they're interactive by design, "drive-by" malware planted on them can infect a lot of users quickly, said David Britton, vice president of industry solutions at 41st Parameter.
Non-payment NFC applications are not one-size-fits-all where the same level of security is required or needed. For example, you don’t need the same level of security for a coupon as you would an identity application. Application developers know this, too, and incorporate the appropriate amount of security depending on the application. Applications that use sensitive data such as you identity information will always be stored in the secure element, where it cannot be tampered with or stolen.
NFC mobile payments are very secure. NFC-enabled mobile devices, which are readily available today, have a chip inside of them called a “secure element.” The payment application and your payment account information is stored in this special chip, making it invulnerable to attack. The method through which your mobile device relays information wirelessly is also very secure. The communication between a mobile phone and point-of-sale terminal use a globally recognized standard called ISO 14443 – this is the same standard used today for EMV and U.S. contactless payment cards.
An advanced Facebook security option, “login approvals,” uses one-time password (OTP) codes to verifying your identity when logging in to your account. If you turn this feature on in your Security Settings page (> Account Settings > Security), you'll be asked to enter a special OTP login code each time you try to access your Facebook account from a new computer or mobile phone. This can help prevent a hacker from hijacking your account.
Facebook is a good example of how to use mobile devices to enhance online security. If you have associated your mobile phone with your account, you can text 32665 with the message “otp” and Facebook will text back a one-time special code you can use to login to your account. You can also use the Facebook mobile app “Code Generator” to create OTP codes.
1. Educate yourself about how identity theft happens. Remember you are the most important part of your identity and personal information security.
2. Protect your personal information. Shred financial documents and paperwork with personal information; don’t just throw them in the trash.
3. Don’t make your wallet a one-stop-stealing opportunity. Don’t keep social security numbers, birthdays and other personal information in your wallet.
You lock your house. You lock your car. You should lock your online identity too, and not just with something as easily compromised as a password. Smart cards are a very effective way to protect you online with what security experts call two-factor authentication. To use it, insert your smart card in a reader and enter a PIN code to prove it is you. The card then uses very secure digital certificates and cryptographic methods to verify you are at the correct website and prove it is you.