Will GDPR Kill Risk-Based Authentication?

Will GDPR Kill Risk-Based Authentication?

No, I’m not declaring another thing in identity management dead. Instead, I’d like you to join me in exploring something that has been bugging me quite a bit lately. Risk-based Authentication can cover a spectrum of capabilities, but most generically it is a passive authentication factor that tries to measure ... Read More
Securing Our Biometrics-Based Future

Securing Our Biometrics-Based Future

The last few years have seen an uptick in efforts to use biometrics more widely in authentication, most notably driven by the consumerization effect of Apple introducing Touch ID and Face ID. But this could be the (strong) nudge that was needed to push it over the edge. Mastercard just ... Read More
Hitchhiker's Guide to Identity- Identity Management

My Next Gig: Delivering the Identity-Defined Perimeter with Uniken

Back in 2013, I opened my ‘Hitchhikers Guide to Identity’ talk with the following slide. As an industry, we’ve come a long way since then. Multi-factor Authentication is mainstream, as is Paul Madsen’s t-shirt contest at CIS. Most companies are no longer debating whether their security can be entrusted to ... Read More
Invisible Identity, or How to Delight People & Secure Users

Invisible Identity, or How to Delight People & Secure Users

So I waited patiently for the folks at the Cloud Identity Summit to publish on their Youtube channel the talk I gave earlier this year on Invisible Identity. But it never came. Turns out that a few session recordings got messed up, and unfortunately mine was among them. I sense ... Read More
nakashimatweet

Doing 2FA Better Could Mean Using Social Factors

In my last post regarding weaknesses in how 2FA is implemented in the systems we rely on to secure us, I teased a thought that had occurred to me in going through the analysis I presented in the post. As usual, life intervened to distract me, but this recent post ... Read More