Security News

Abstract: Risk-based Authentication is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones, users have to provide additional authentication factors such as a verification code.

While passwords may not be going away completely, 92 percent of respondents believe passwordless authentication is the future of their organization, according to a LastPass survey. Passwordless authentication reduces password related risks by enabling users to login to devices and applications without the need to type in a password.

LexisNexis Risk Solutions announced the availability of the LexisNexis ID Compass Platform for Insurance. A multi-layered identity access management solution, the platform combines physical and digital intelligence to help insurance carriers respond to identity risk and reduce friction for consumers seeking insurance quotes and other transactions.

Yubico announced the general availability of the YubiKey 5C NFC, a multi-protocol security key with smart card support, designed with both near-field communication and USB-C connections on a single device. "Users are no longer tied to just one device or service, nor do they want to be. That's why the YubiKey 5C NFC is one of our most sought-after security keys - it's compatible with a majority of modern-day computers and mobile phones and works well across a range of legacy and modern applications. At the end of the day, our customers crave security that 'just works' no matter what."

GlobalPlatform has released a new specification to simplify and bring greater trust to the authentication of digital services on smartphones and biometric-enabled cards. Originally developed within EMVCo, the global technical body that facilitates the worldwide interoperability and acceptance of secure payment transactions, the Secure Element Broker Interface defines a standard to make end-user authentication simpler for all applications running in a GlobalPlatform-certified Secure Element.

Silverfort, a provider of an agentless, proxyless authentication platform, announced this week that it has raised $30 million in a Series B funding round led by Aspect Ventures. The additional funding, which brings the total investment in the company to $41.5 million, will help the company expand its sales, marketing, engineering and support teams globally.

More than ever, now is the time to make absolutely sure that your services and devices are using the best protection available to keep data secured and away from unauthorized hands. There are too many services to possibly list, but some of the most commonly targeted ones include email, banking, and shopping sites.

Google this week announced a series of security and ease-of-use improvements for the Autofill feature in Chrome. "Biometric authentication is optional. You can choose to confirm your card with its CVC and you can also turn this feature on and off in Chrome Settings at any time," Google explains.

You can easily add a fingerprint reader to your computer if one isn't already built in. If you have a laptop without a built-in reader, or you want to add fingerprint recognition to your desktop PC, you can enlist the aid of a third-party reader.

Learn how to enable passwordless SSH authentication on both Linux and macOS. You probably secure shell into your Linux servers throughout the day. Hopefully, you've set those servers up such that you're using SSH Key Authentication.