10 Steps to Eliminate Digital Security Risks in Fintech Project
Any kind of project can be of potential interest to attackers, since the information stolen in an attack can be turned into cash. In the case of financial projects, though, an attack usually results in attackers transferring user or system funds to an unknown location. This eliminates the extra steps it would otherwise take them to reach their ultimate goal. Regardless of what stage your fintech project is at, it’s never a bad...
Two-Factor Authentication with Background Noise: Is It Safe or Not
The term two-factor authentication is known for the majority of active users of the Internet. It is available on a variety of well-established websites conducting the work with the data of users: in social networks, email services, online banking. But unfortunately, not all the users use the benefits of this type of authentication. The most frequently this occurs because of some inconvenience with the standard 2FA procedure. The...
Out-of-Band Authentication
Out-of-band authentication (OOB) is one of the most popular types of two-factor authentication in the financial sector. It presupposes sending the one-time password to the user via a communication channel other than the main one, which is used for transactions on the Internet. Most often, during the OOB authentication, the OTP (One Time Password) is sent to the clients in the form of a text message via SMS or email and the company...
Information Security – the Aspect You Should Not Save On
Not so much time has passed since the meaning of the word «computer» was familiar only to employees of certain research laboratories and information security was a concern of special services. But those days are gone. Information technologies have drastically changed our lives. Using a computer, we have a rest, make friends, work, and do shopping. Very often the cost of convenience to do a lot of things, without getting up from a...
Recommendations for Using CWYS Data Signing
In the previous post, we reviewed the CWYS (Confirm What You See) mechanism, which allows generating one-time passwords on the basis of the data being protected. You can also see how two-factor authentication works and test the CWYS function here: Demo Users are often faced with this question: what data should be used during the ОТР generation to ensure the best protection for the system. Let’s consider the most common...