PINDROP BLOG

Category: Authentication

October 31, 2017
Data Breaches: The Death Knell of KBA
In the 1930s, the United States introduced Social Security Numbers to keep track of workers’ wages and their Social Security Program contributions. Today, the private sector uses Social Security Numbers as a unique identifier for consumers and the primary means of gathering information on individuals. Our society is comfortable using this identifier when applying for…
Read More →
October 18, 2017
Call Center Criminals Unmasked | Real-Life Fraudsters & Audio Recordings
Call center criminals are becoming increasingly sophisticated in order to maneuver around authentication and security measures, granting them access to sensitive information. It is evident the evolution of fraudsters’ techniques is jump-starting other criminal behavior including account takeover and identity theft – causing the global increase in call center fraud to jump to 113% since…
Read More →
September 14, 2017 | Dennis Fisher
Senator Seeks Privacy Answers on Face ID
As tech enthusiasts pour over the design details of the iPhone X and swoon at the thought of a quarter-inch more screen space, some lawmakers are asking Apple for more details about the way the phone’s new Face ID authentication system works and what might be done with users’ faceprints. Face ID is the biggest…
Read More →
September 8, 2017
How 3 Premier Call Centers Are Reducing Fraud With Pindrop
With $14 billion lost annually to phone fraud, the call center remains a common target to fraudsters. Legacy authentication methods including caller identification, knowledge based authentication questions (KBAs), and ANI verifications no longer stand up to sophisticated attacks. Using these outdated solutions costs call centers $0.33 per call, adding up to $8 billion each year.…
Read More →
August 8, 2017 | Dennis Fisher
Microsoft Will Drop Trust For WoSign Certificates
Microsoft is following the lead of Google, albeit quite slowly, and removing trust for certificates issued by Chinese CAs WoSign and StartCom in its products. The decision is a result of the companies issuing some certificates in 2015 and 2016 that violated rules established by the CA/Browser forum. Specifically, researchers discovered that the CAs had…
Read More →
August 7, 2017 | Dennis Fisher
Siemens Medical Scanners Open to Simple Remote Exploitation
Siemens is warning customers that some of its CT and PET scanning machines have a pair of remotely exploitable vulnerabilities that attackers can use to execute arbitrary code. The flaws actually lie in Windows XP, the operating system on which the imaging equipment runs. One of the vulnerabilities was disclosed earlier this summer, while the…
Read More →
August 4, 2017 | Dennis Fisher
FBI Biometric Database Will Be Exempt From Some Privacy Act Protections
The FBI’s latest biometric database, which contains a host of identifying information from a wide range of sources, will be exempt from many of the restrictions of the Privacy Act. In a final rule published this week by the Department of Justice, the FBI announced that the Next Generation Identification system would not be subject to the Privacy Act.…
Read More →
August 1, 2017 | Dennis Fisher
IoT Security Bill Would Protect Research, Require Patches
Congress may be about to apply some real pressure to hardware manufacturers and software makers whose IoT devices are forming the spine of a new, wildly insecure global network. A bill introduced Tuesday in the Senate would require IoT makers to guarantee that any devices sold to federal agencies are patchable and don’t contain any known security…
Read More →
July 7, 2017
Google Adds New Anti-Phishing Feature to G Suite
Google is rolling out a new security feature for enterprises customers of its G Suite hosted apps that allows administrators to choose exactly which apps have access to user data. The feature is designed as a barrier against phishing attacks, many of which try to fool or confuse users into giving attackers access to sensitive…
Read More →
July 6, 2017
Free Wildcard Certificates Coming From Let’s Encrypt
Let’s Encrypt, the certificate authority that provides free digital certificates for site owners, plans to expand its service soon by offering wildcard certificates, as well, beginning in January. The move is designed to enable site owners to secure their main domain, along with as many subdomains as they own, with just one certificate. Normal certificates are tied to…
Read More →