In This Section


Category: Authentication

February 1, 2017
How WhatsApp Rolled Out Encryption While Still Killing Spam
OAKLAND–WhatsApp has enjoyed tremendous growth in the last couple of years, a trend that accelerated even further when the company announced it was implementing end-to-end encryption on its messaging service. But that rollout also raised a serious issue for the company: how to identify spammers without access to the contents of users’ messages. Like most messaging services,…
Read More →
January 31, 2017
‘We Need to Embrace the Mundane’ in Security
OAKLAND–The security industry as a whole is really good at identifying interesting new problems and coming up with fancy products to solve them. But there is still a long list of boring, known problems that no one has fixed yet, and those are the ones that need the most attention, experts say. One of those boring problems…
Read More →
January 30, 2017
Facebook Unveils Delegated Recovery Account Security System
OAKLAND–Facebook has developed a new account-recovery system that eschews the typical communications channels used for this process, and instead relies on a user’s connections with other services. The scheme allows users to regain access to accounts without providing any identifiable information to other services. The Delegated Recovery system, which Facebook introduced at the Enigma conference here…
Read More →
January 24, 2017
Lavabit Launches New Encrypted Email System
Lavabit, the secure email service that shut down in 2013 rather than turn over the encryption key for a user account to the federal government, has reemerged with a new encrypted mail offering based on a standard developed by the company. It’s been more than three years since Lavabit founder Ladar Levison decided to end the…
Read More →
January 6, 2017
FTC Files Complaint Against D-Link Over Router, Camera Security
D-Link didn’t “take reasonable software testing and remediation measures” to protect users of its routers and IP-enabled cameras, failed to protect the private keys that sign the software on those devices, and put thousands of consumers at risk of attack, according to a new complaint brought against the technology vendor by the Federal Trade Commission. In…
Read More →
December 28, 2016
2016: Maybe Everything Wasn’t Completely Terrible
Let’s face it: 2016 has been pretty rough year. Things didn’t go all that well for humans in the last 12 months, and computers didn’t make out much better. Lots of things broke, and it seemed like whatever didn’t break was compromised, stolen, or lost. But not everything was terrible. There were some encouraging developments…
Read More →
December 22, 2016
Apple Delays Requirement for App Transport Security
Apple has pushed back a deadline for developers to support a key transport security technology in apps submitted to the company’s app stores. Officials said at the Apple Worldwide Developers Conference earlier this year that developers would have to support Apple Transport Security by the end of 2016. But on Wednesday, the company announced that…
Read More →
December 22, 2016
Call Centers a Soft Target for Fraudsters
The fraud schemes that consumers and businesses face every day are the end result of a lot of research, work, and planning on the part of the criminals who perpetrate them. There are a lot of moving pieces in the background that victims never see, and often the schemes involve many intermediate steps before a…
Read More →
December 20, 2016
Mobile Wallets Present New Opportunities for Fraud
One of the great things about the advanced mobile devices everyone carries now is that they serve so many different purposes. They’re encyclopedias, world maps, communications devices, and now they’ve evolved to become wallets, too. But as convenient as mobile wallet technology is, it carries with it some unique threats and risks for both consumers…
Read More →
December 19, 2016
Google Releases Project Wycheproof Crypto Test Suite
Google has released a new set of tests it uses to probe cryptographic libraries for vulnerabilities to known attacks. The tests can be used against most kinds of crypto algorithms and the company already has found 40 new weaknesses in existing algorithms. the tests are called Project Wycheproof, and Google’s engineers designed them to help…
Read More →
Pindrop® Panorama: Beating the Balancing Act of Security and Customer Service