In a previous blog series, my colleague Pedro Martinez took you through the evolution of digital banking authentication, and the path ahead – consisting of passkeys. Passkeys is a new standardised authentication framework to rid passwords for good – this is great news for all of us, since passwords come with a lot of issues. We all have too many passwords to keep track of – in fact, the average user has more than 100 – meaning we tend to use passwords that are simple and reused for different accounts – yet we still for get them. It’s no wonder that up to 50% of all helpdesk calls are for pass ..read more

Here’s an understatement for you: this is an interesting time to be a cyber security or risk management executive at an enterprise. In reality, this is the most challenging period ever for organizations when it comes to safeguarding data and systems. There is a rising number of data breaches—nearly 1.4 billion data records were lost or stolen in 2016, according to Gemalto’s Breach Level Index—and serious threats such as ransomware are making worldwide headlines on a regular basis. On top of that, companies are having to deal with a growing number of data protection regulations. This includes ..read more

As consumers, we’re all familiar with the two very distinct payment situations in our daily lives: in-store, or online using our phone, laptop or tablet. In both cases, we generally use an EMV payment card. At the store, these transactions are known as ‘Card Present’ transactions, as payment is performed using a physical card, a Point of Sale (POS) terminal and a processing network. For online purchases, the transaction is called ‘Card-Not-Present’ (CNP) and the card details must be manually entered in the online merchant interface – often at ‘checkout’ – to complete the transaction. So far s ..read more

I wrote this blog with help from my colleague Alexis Camarillo. Spoilers ahead! If you haven’t seen the film ‘Coco’, you might want to skip to the next sub-header In 2017 Disney released “Coco”, an animated fantasy film featuring the story of a 12-year old boy who stumbles by mistake into the Land of the Dead, where he goes through an unforgettable journey. It’s a very entertaining, emotional (it actually brought tears to my eyes) and beautifully narrated story, honoring a Mexican tradition called “Día de muertos”, where it is believed that late relatives and friends return for a day to spend ..read more

With technology moving into more areas of our lives than ever before, understanding how to protect your online data has never been more important. However, cybersecurity is so much more than just your online activities. With an increasing number of objects and devices also connected to the internet, protecting yourself from various online threats is now a multifaceted job – one that requires an understanding of the types of malicious actors and the numerous directions cyber-attacks can come from. Only once we understand the scope of risk can we begin to fight back against hackers and come up ..read more

The Office of the Australian Information Commissioner (OAIC) found that a single data breach affected more than 10 million Australians. In its latest Notifiable Data Breaches Quarterly Statistics Report, the OAIC reveals that it received 215 notifications of data breaches under the Notifiable Data Breach Scheme between 1 January and 31 March 2019. Nearly all of those security incidents (189) affected between one and 1,000 Australians. But there were a few events that claimed even more victims. Twelve of these data breaches affected 5,000 individuals, for instance, while two incidents comprom ..read more

It’s been one year since the European Union (EU) enforced the General Data Protection Regulation (GDPR)¹, a legislation designed to protect the personal data of EU citizens and lay specific rules and guidelines on how their data is collected, stored, processed and deleted by various entities. GDPR requires that organizations must disclose to national Data Protection Agencies (DPAs) any breaches of security leading to “the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed to local data prote ..read more

On May 25th 2018, the EU General Data Protection Regulation came into force, requiring companies based and operating in the European Union to comply with updated regulation about how they handle third party data. Other countries have taken similar approach to data protection, with Brazil adopting a law governing how organizations collect, use and share customer data. The LGPD (Lei Geral de Proteção de Dados) will go into effect in August 2020, leaving companies with a little bit more than a year from now to make sure they are compliant with the strict requirements related to processing and m ..read more

What are the market dynamics and trends that will shape the digital identity industry in 2019? Data breaches have become more common in recent years with organizations suffering at least two or three per year, costing them an average of $3.86 million. At the same time, consumers have become more demanding than ever, which means that service providers are under incredible pressure to deliver digital services that are not only secure, but also provide frictionless user experiences. The existence of Trusted Digital Identities will be a major factor in meeting those demands and here are six reas ..read more

Why data encryption is your last line of defense in a data breach The recent SingHealth breach is considered the worst attack in Singapore history, resulting in the loss of millions of private records and sensitive data. The leaked data not only affects SingHealth, but everyone else who’s had their data stolen. In this blog, we talk about why perimeter defense alone is not a foolproof solution in the event of a breach, and why you should shift your focus to accepting that a breach is inevitable. Perimeter-based defenses: No longer up to the task? In recent years we’ve seen data breaches of v ..read more