Security News

In the first half of 2022, BioCatch estimates fraudulent transfers to money mule accounts totaled $3 billion and that there are approximately 2 million mule accounts in the US. Additionally, researchers found that the average mule transaction amount is $1,500 - a low amount to avoid detection when executing mule campaigns at a large scale. In this Help Net Security video, Erin Englund, Threat Analytics Lead at BioCatch, explains what money mules are, why are they becoming so prevalent, and how we can defend against them.

The Unique Identification Authority of India has backtracked on advice about how best to secure the "Aadhaar" national identity cards that enable access to a range of government and financial serivces. Privacy concerns have also been raised over whether biometric data is properly secured stored and secured, if surveillance of individuals is made possible through Aadhaar, and and possible data mining of the schemes' massive data store.

UADAI arranges for collection of the biometrics needed to create an Aadhaar - ten fingerprints, two iris scans, and a facial photograph - through enrollment agencies and registrars and provides authentication-as-a-service using Aadhaar numbers. More than a billion Aadhaar IDs have been issued and over 99 per cent of India adults have enrolled in the scheme.

The independent communications authority of South Africa has submitted a radical proposal to tackle the problem of SIM swapping attacks in the country, suggesting that local service providers should keep biometric data of cellphone number owners. SIM swapping attacks are a multi-million problem for all countries and service providers globally, allowing threat actors to port people's numbers to attackers' SIM cards, essentially hijacking the subscriber accounts.

The Italian privacy guarantor has imposed a fine of €20,000,000 on Clearview AI for implementing a biometric monitoring network in Italy without acquiring people's consent. Without ever acquiring those people's consent or informing them about the scraping of their biometric data, Clearview AI offered its clients a search service that employed artificial intelligence to match faces with identities and online activity.

Humans have far greater difficulty identifying images of biometric spoofing attacks compared to computers performing the same task, according to research released by ID R&D. The research report finds that computers are more adept than people at accurately and quickly determining whether a photo is of an actual, live person versus a presentation attack. The study tested humans and machines by presenting them with the most common spoofing techniques: printed photos, videos, digital images, and 2D or 3D masks.

The way the behavioral aspect complements biometrics could cater for safer, more reliable, and faster identification. In contrast to traditional biometrics, behavioral biometric approaches are "Younger" and less standardized.

According to the Kraken Security Labs team, there is a way to clone fingerprints using inexpensive materials, with no high-end tools involved in any step of the process. As the team demonstrated, stealing the fingerprint is a case of photographing it with any modern smartphone and then generating the negative on a photo manipulation software.

How can you be sure that someone is who they say they are, if they're not standing in front of you? In a digital world, how can organizations be sure that an individual attempting to access online services is who they claim to be? Or that they exist at all - are they a fake identity created for fraud or malicious intent? Online biometric authentication enables governments, banks and other enterprises to securely verify user identity.

The survey shows that robust security and a seamless user experience are still non-negotiables when it comes to building digital trust, and the speed of service has also become essential to the digital consumer when setting up an online account. Approximately half of consumers expect that it should take less than three minutes to approve a banking transaction or place a bet, and roughly 35% consumers believe it should take the same time to fill a prescription.