(Page 2 of 2)
“Top global sites should be extra vigilant for an expected rush of fraud-staging activities and social engineering attempts through call centers as fraudsters take advantage of an elevated volume of password resets to fit into the 'noise of the crowd,'" Gross said. “The answer is additional layered security through a continuously refined set of 'locks' that immediately identify fraudulent access attempts, so organizations can protect their invaluable customer relationships.”
From Gross’ perspective, device intelligence coupled with a powerful risk engine is one critical component of this layered approach -- and it's already in place at several of the top global banks, e-commerce merchants, and airlines to help defend against exactly this type of widespread vulnerability.
“With the abundance of compromised data from recent breaches,” he concluded, “relying solely on usernames and passwords, accurate identity information, and basic step-up authentication to protect consumers at login or the point of transaction is a recipe for disaster without visibility into attacks across the entire online estate.”