If you thought last year’s breach of over three billion records was bad, this year has already topped that number with record hacks. The stolen records will most likely be used for identity theft or to gain unauthorized access to other user accounts, especially for services which allow resetting your password using static security questions.
Recent breaches have bred a growing market in the fraud underground selling a variety of account credentials. With the help of account checking tools such as Sentry MBA, fraudsters can take leaked data from one breach, and for mere pennies, check the validity of those credentials across a number of other popular websites.
With Black Friday and Cyber Monday coming up, it is a perfect time for fraudsters to start putting some of those credentials to use for their personal gain in hopes of getting lost in all the noise of holiday shopping. It is also the perfect time for issuers and retailers to start thinking about the benefits that the 3D Secure 2.0 protocol offers to prevent fraudulent transactions.
Risk-based authentication is at the center of 3D Secure 2.0. It enriches the transactional information and takes into consideration hundreds of behavioral predictors in order to allow the optimum balance between usability and security under the “leaked credentials” theory.
On one hand, risk-based authentication enables transparent authentication for low-risk transactions where user behavior is considered familiar by using machine learning algorithms. This significantly reduces transaction abandonment rates by (Read more...)
*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Liat Ben-Porat. Read the original post at: http://www.rsa.com/en-us/blog/2017-11/translate-consumer-authentication-into-happy-customers-and-incre.html