Two-Factor Authentication with Background Noise: Is It Safe or Not
The term two-factor authentication is known for the majority of active users of the Internet. It is available on a variety of well-established websites conducting the work with the data of users: in social networks, email services, online banking. But unfortunately, not all the users use the benefits of this type of authentication. The most frequently this occurs because of some inconvenience with the standard 2FA procedure. The...
Out-of-Band Authentication
Out-of-band authentication (OOB) is one of the most popular types of two-factor authentication in the financial sector. It presupposes sending the one-time password to the user via a communication channel other than the main one, which is used for transactions on the Internet. Most often, during the OOB authentication, the OTP (One Time Password) is sent to the clients in the form of a text message via SMS or email and the company...
Information Security – the Aspect You Should Not Save On
Not so much time has passed since the meaning of the word «computer» was familiar only to employees of certain research laboratories and information security was a concern of special services. But those days are gone. Information technologies have drastically changed our lives. Using a computer, we have a rest, make friends, work, and do shopping. Very often the cost of convenience to do a lot of things, without getting up from a...
Virus CoreBot Turned into a Dangerous Banking Trojan
In late August, a new Trojan Virus CoreBot was discovered by IBM specialists. At first, it did not look particularly dangerous: its possibilities were limited to stealing local passwords and personal data of users in different browser and desktop applications. However, experts were seriously concerned about the modular structure of the new threat that promised great potential for its development. And they were right. In the first ten...
Recommendations for Using CWYS Data Signing
In the previous post, we reviewed the CWYS (Confirm What You See) mechanism, which allows generating one-time passwords on the basis of the data being protected. You can also see how two-factor authentication works and test the CWYS function here: Demo Users are often faced with this question: what data should be used during the ОТР generation to ensure the best protection for the system. Let’s consider the most common...