Assured Applications

Authentication built for every application.

Application fraud

Application fraud, whether it involves an assumed identity or financial credit and banking, is a known result of hacked devices and has become a sophisticated form of cybercrime. Access to applications is a consequence of device hacking and credential theft; one doesn’t exist without the other. The AscendID cloud-based authenticator provides security assurance for all applications, across mobile smartphone and tablet devices and their users, so that assets are defended and an identity is never deceived.

Overview

AscendID Access Gateway allows users to log in once to access all enterprise cloud applications from a single web portal. Unlike other single sign-on solutions, AscendID checks a user’s identity and device health every time they access an application, without using an agent.

Protection covers:
Google Apps, Amazon Web Services, Box, Salesforce and Microsoft Office 365.

Support covers:
Security Assertion Markup Language (SAML) authentication standard, and a variety of Identity Providers (IdPs), including Active Directory, OpenLDAP, Google OIDC, Azure OIDC and SAML IdPs.

 

Single Sign On Security

AscendID Access Gateway allows users to log in once to access all enterprise cloud applications from a single web portal. Unlike other single sign-on solutions, AscendID checks a user’s identity and device health every time they access an application, without using an agent.

Two Methods, One Identity

AscendID’s two factor authenticator token strengthens access security by requiring two methods to verify a user’s identity – something you know plus something you have.

Expiration Date

Out of date software and missing security controls will be flagged up by AscendID so that your applications are always current and therefore safe and secure, whether they reside in the cloud, on-premise or in a hybrid environment.

Access Gateway Assurance

Protect enterprise cloud applications such as Google Apps, Amazon Web Services, Box, Salesforce and Microsoft Office 365, among others. Web applications like Epic, SSH, UNIX and WordPress are also covered, as well as VPNs via Juniper, Cisco, and more. Every application is protected so you can get on with business.

Prevent with Policy

AscendID enables you to create custom authentication policies and controls per user group or application, in order to limit and restrict access on a needs basis. Provide easy access to work applications, while providing customised policies and controls on a per-application basis to secure them from risky users and devices.

Standard and Secure

The AscendID Access Gateway supports the authentication standard SAML (Security Assertion Markup Language) and a variety of IdPs (Identity Providers), including Active Directory, OpenLDAP, Google OIDC, Azure OIDC and more.

Our Partners

Qualys

The leading provider of information security and compliance cloud solutions.

Check Point

Check Point offers a complete security architecture defending enterprises' networks to mobile devices, in addition to the most comprehensive and intuitive security management.

Vasco

A global leader in trusted security with two-factor authentication, transaction data signing, document e-signature and identity management solutions designed for all businesses and government agencies.

Sophos

Sophos develops products for communication endpoint, encryption, network security, email security, mobile security and unified threat management.

 
Microsoft

As a Microsoft Gold Certified Partner, we are among the most highly accredited independent technical support providers.

VMware

We are a VMware Professional Solutions Provider.

 


Infographic

A cloud based secure Multi-Factor Authentication service providing global instant authentication from a flexible range of tokens.

Datasheet

The intent of Multi-Factor Authentication (MFA) is to provide a higher degree of assurance of the identity of the individual attempting to access a resource, such as physical location, computing device, network or a database. MFA creates a multi-layered mechanism that an unauthorised user would have to defeat in order to gain access.

This document describes the industry-accepted principles and best practices associated with multi-factor authentication. The guidance in this document is intended for any organisation evaluating, implementing, or upgrading a MFA solution, as well as providers of MFA solutions.

MFA Guidance from PCI Security Standards Council

Whitepaper

The Total Cost of Operation of On-premise vs. Cloud-based Authentication

Many organisations rarely look closely at the Total Cost of Operation of their authentication solution and instead make a decision heavily driven by the up-front purchase price.

Datasheet

Multi Factor Authentication.

Secure, Simple, Unified.

It can be a challenge to protect your organisation’s confidential information and infrastructure yet enable authorised users to access all the resources they need, no matter where or when. Multi Factor authentication cloud service from AscendID can satisfy your compliance demands.

Infographic

AscendID tokens come in many formats to easily fit various requirements. Find out more about our tokens in our infographic.

Whitepaper

Take the appropriate measures to comply with the General Data Protection Regulation (GDPR). ENISA’s recommendation includes two-factor authentication and mobile application security as technical measures in high-risk situations.  Learn more and read a recently published study from ENISA — the European Union Agency for Network and Information Security which advises member states and private sector organisations in implementing EU legislation, and the GDPR.

Whitepaper

Phishing is one of the most common threats hitting organisations. This guide details the problems around phishing, how it works, and how to leverage AscendID as a solution.

Infographic

On-premise vs. Cloud-based authentication solutions.

Reduce your total cost of ownership with our up-front subscription model. Our cloud-based multi-factor authentication token requires no hardware appliances and no upkeep costs.

Flexible multi-factor authentication methods and a self-service portal mean fewer administrative and helpdesk issues.

August 7, 2018

Security is always going to be an ongoing battle, a struggle to resist the criminals who want to access your data or steal from your customers.

And so it’s not surprising that scammers are finding ways to penetrate systems secured with two-factor authentication (2FA) – and that organisations are increasingly turning to multi-factor authentication (MFA) to deter criminals and protect data.

Before we look at some of the techniques used to bypass 2FA, let’s clarify what we mean by 2FA and MFA and why the latter is more secure.

With 2FA, your customers must use two forms of authentication to gain access. In most cases, the two factors are a password and something in their possession, such as a security token.

Multi-factor authentication typically refers to a system that requires three or more factors to verify identity.

Authentication factors are grouped into categories:

  • Knowledge – something that the user knows, such as a password, PIN, or the answers to secret questions
  • Possession – something the user keeps, such as a key fob, dongle, or a message sent to their phone
  • Inherence – something unique to the individual, such as biometric information or their voice
  • Location – checking the user’s location with a GPS-enabled smartphone
  • Time – verifying that the user is carrying out tasks at a logical time, and not making purchases in London and Budapest ten minutes apart

2FA: undermined by determined scammers

While 2FA is more secure than simply using a password, it can be circumvented by determined hackers.

One technique for bypassing 2FA protections involves the scammer calling a customer and posing as their service provider.

The scammer claims that the customer’s account has been compromised, but they need the victim to confirm their identity. They send the victim a code by text message and ask them to read it back. The scammer may ask the victim to repeat the process several times, claiming that it didn’t work on the first attempt.

Eventually the scammer will claim to have confirmed the victim’s identity, and then they may discuss recent activity or orders on the customer’s account, asking the victim to confirm that they’re real.

They’ll invent one false purchase or order so that the story sounds legitimate and the victim believes there has genuinely been fraudulent activity on their account. The scammer offers to reverse the transaction and sends the victim one more code. The problem appears to be resolved and the victim feels relieved, thinking that everything is fine. But of course, the caller was a scammer and the codes were one-time passcodes (OTP) sent to approve changes to their accounts or to place orders.

Another scam involves scammers creating fake login pages for services like Google, Yahoo and Facebook. They send spoof emails to users, telling them that their account has been compromised, or that hackers have sensitive information such as their pictures. Users are instructed to log in to protect their account, but the fake page is simply harvesting information for the scammer. The scammer then uses the information to gain free access to the victim’s account. If the service uses 2FA, then the user simply enters the OTP code in the fake page – handing it directly to the scammers. The criminals can then sign in, change the victim’s password and harvest valuable information to support further scams and thefts.

Regulations encourage move to MFA

In the US, interest in MFA has been pushed by regulations such as the Federal Financial Institutions Examination Council (FFIEC) calling for advanced authentication for online transactions. In the UK, GDPR is renewing the focus on organisations’ obligations to protect user data.

The Information Commissioner’s Office (ICO) states: “A key principle of the GDPR is that you process personal data securely by means of ‘appropriate technical and organisational measures’ – this is the ‘security principle’. Doing this requires you to consider things like risk analysis, organisational policies, and physical and technical measures.”

In both jurisdictions, regulators may take a dim view of those organisations that don’t take adequate precautions to reduce the risk of data breaches. And while MFA is the current leader in the digital security arms race, it’s only a matter of time before criminals find techniques to undermine this approach. Tech companies and customer service organisations must continually strive to tighten security and keep several steps ahead of organised crime.

 

August 1, 2018

Today there is a heightened awareness that credentials are perhaps the most valuable digital asset because they are a conduit to confidential information and systems. The right set of credentials is the electronic key to the digital kingdom. Not only have hackers changed their methods, but users have gained a reputation for favouring productivity and convenience over security. In other words, they don’t always make the best choices when it comes to their credentials. According to a report from TeleSign, 73% of online accounts are guarded by duplicated passwords and 54% of people use 5 or fewer passwords across their entire online life. To make things even worse, the top 5 most used passwords in 2017 were the following:

  1. 123456
  2. Password
  3. 12345678
  4. qwerty
  5. 12345

Clearly, IT admins have their work cut out for them when it comes to keeping their environment secure.

Increase Security with Multi-Factor Authentication

To help guide users toward making better choices, IT organisations have employed a couple of tools. One of them is enforcing more stringent passwords by utilising password complexity management solutions. This forces users to add characters, numbers, and uppercase letters to strengthen their passwords, or just to lengthen them. However, one of the strongest defences IT admins have started to leverage is second-factor or multi-factor authentication. Generally, passwords are considered something that you know. By adding a second factor – something that you have – it is much harder to compromise an account because both are required to gain access.

The desire to increase security is what is driving the growth of multi-factor authentication as a category of identity management. With the advent of smartphones, the process to leverage MFA technology has become easier than ever. Historically, security technology has been difficult to implement and use. Now, though, MFA has become nearly ubiquitous.

July 24, 2018

Another huge roadblock for Multi-Factor Authentication is the lack of token generation choices. For most MFA systems, you require some device or application to generate a one-time-password (OTP) that the system can validate.  This can be done in a tonne of different ways, from SMS text messages, desktop applications, to key fobs, just to name a few.

It is important to keep in mind that what might be the best for you, might not be the best for your users. For example, how do you expect someone with impaired vision to read a key-fob or SMS message? How would you expect users to unlock their laptops by connecting to a cloud service mid-flight? There are a multitude of scenarios and no one-size-fits-all solution.

The MFA solution you decide on should have a collection of token types to cater to any user. As soon as you force your users to use a one token model, you are fighting a losing battle.

Do it right

While there are many reasons why MFA projects fail (like incompatibility with the RADIUS protocol or lack of integration accelerators), these two reasons always seem to come out on top. MFA has either been implemented in a way where users feel harassed, or has been levied onto users in a way which doesn’t match their culture.

The solutions are simple:

  1. Implement an intelligent, risk-based, multi-factor layer that is smart enough to only show users an MFA challenge when necessary.
  2. Provide a large selection of token choices and use-cases; security simply cannot interfere with workflow.

Prioritise these two features in your requirement list and you are already on the right track to a more secure company.

July 19, 2018

Security may be high on the agenda of many but there still seems to be a lot of myths surrounding this topic. The fact remains that most organisations are rather stuck in their ways, having a misperception of security which can be largely attributed to group-think. This group-think often enforces bad habits or closes an organisation off to making change in a positive direction.

It should be obvious to all of us by now that leveraging multi-factor authentication (MFA) is a foregone conclusion. Expert analysis of nearly every recent breach shows consensus that if there had been an additional authentication factor, these breaches might have been stopped. This may sound familiar:

  • We have it, but it’s limited in use; only for admins connecting to the VPN
  • We had it for a while, but were asked to disable it due to user frustration
  • It’s such a nuisance, we don’t want to bother our users with it

There are so many poorly designed MFA solutions on the market that if you approach your project without being aware of the pitfalls, you might find yourself in the same position. To put it simply, the myth that users hate MFA is confirmed, but there are some simple solutions to this problem.

Stop harassing your users

Imagine this: you connect to a secure company application from home and are presented with an MFA challenge. After pulling out your phone and typing in the code, you are granted access. However, you are suddenly prompted to install a software update which requires a restart of your system and you have to repeat all the steps once again. This constant “bludgeoning of users with MFA” would drive anyone crazy.

It doesn’t have to be this way.

If you are not already using or planning to use risk-based adaptive authentication to make your MFA decisions, then you should be. Risk-based MFA uses what the industry refers to as ‘behavioural analytics’ or BA. To put it simply, BA is a process by which a security engine can establish a forensic profile about every one of your users, which includes items like the following:

  • Does this user belong to a risky group, like an admin group or DBA team?
  • Have I seen this user/browser combination before?
  • Is the user connecting during a typical time window?
  • Is the user violating any geographical rules, like a blocked nation or geo-velocity rules?

There are many more indicators of whether a user is exhibiting strange behaviour. When these are combined with other factors like blacklists, whitelists, network rules and more, an adaptive risk engine will do one of three things:

  1. Prompt suspicious behaviour for MFA
  2. Allow users with low risk on the network
  3. Block those that are an obvious threat

When applied correctly, even the user in question will agree that the prompt they saw makes sense. It is similar to when you are travelling out of the country and your credit card company messages you asking if the purchase in Dubai was actually you: the customer is grateful for the diligence of the credit card company and happily confirms. You can have this relationship with MFA and your users too, as long as you aren’t bludgeoning them with MFA.
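The risk-engine decision described above, as an added example that is not AscendID's code: it scores the listed signals (risky group, unseen user/browser combination, unusual time window, blocked nation, geo-velocity) and returns one of the three outcomes. The weights, thresholds, group names, the `ZZ` country code and all sample logins are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass, field
from datetime import datetime
from typing import Optional

# Every weight, threshold and list below is an illustrative assumption.
RISKY_GROUPS = {"admins", "dba"}
BLOCKED_COUNTRIES = {"ZZ"}      # placeholder country code
MAX_SPEED_KMH = 900             # roughly airliner cruising speed
MIN_TRAVEL_KM = 50              # ignore geolocation noise within one area
WEIGHTS = {"risky_group": 20, "new_browser": 30,
           "off_hours": 15, "geo_velocity": 50}
MFA_AT, BLOCK_AT = 30, 80


@dataclass
class Login:
    user: str
    groups: frozenset
    browser_id: str
    when: datetime              # assumed to be UTC
    country: str
    lat: float
    lon: float


@dataclass
class Profile:
    known_browsers: set = field(default_factory=set)
    usual_hours: range = range(7, 20)
    last_login: Optional[Login] = None


def km_between(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = p2 - p1, math.radians(lon2 - lon1)
    a = (math.sin(dphi / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(a))


def assess(login, profile):
    """Return (decision, score, reasons); decision is allow, mfa or block."""
    if login.country in BLOCKED_COUNTRIES:          # hard geographical rule
        return "block", 100, ["blocked_country"]
    reasons = []
    if login.groups & RISKY_GROUPS:
        reasons.append("risky_group")
    if login.browser_id not in profile.known_browsers:
        reasons.append("new_browser")
    if login.when.hour not in profile.usual_hours:
        reasons.append("off_hours")
    prev = profile.last_login
    if prev is not None:
        # Clamp elapsed time to one second so a replayed timestamp
        # cannot cause a division by zero.
        hours = max((login.when - prev.when).total_seconds(), 1.0) / 3600
        dist = km_between(prev.lat, prev.lon, login.lat, login.lon)
        if dist > MIN_TRAVEL_KM and dist / hours > MAX_SPEED_KMH:
            reasons.append("geo_velocity")
    score = sum(WEIGHTS[r] for r in reasons)
    if score >= BLOCK_AT:
        return "block", score, reasons
    return ("mfa" if score >= MFA_AT else "allow"), score, reasons


def record_success(login, profile):
    """Learn from a login only after it was allowed or passed MFA."""
    profile.known_browsers.add(login.browser_id)
    profile.last_login = login


def demo():
    """Constructed logins: London, then Budapest ten minutes later."""
    london = dict(country="GB", lat=51.5074, lon=-0.1278)
    budapest = dict(country="HU", lat=47.4979, lon=19.0402)
    staff, admin = frozenset({"staff"}), frozenset({"admins"})
    profile = Profile(known_browsers={"b1"})
    first = Login("alice", staff, "b1", datetime(2018, 7, 19, 10, 0), **london)
    out = [assess(first, profile)[0]]
    record_success(first, profile)
    t2 = datetime(2018, 7, 19, 10, 10)
    out.append(assess(Login("alice", staff, "b1", t2, **budapest), profile)[0])
    out.append(assess(Login("alice", staff, "b9", t2, **budapest), profile)[0])
    late = datetime(2018, 7, 19, 23, 0)
    out.append(assess(Login("alice", admin, "b1", late, **london), profile)[0])
    return out


if __name__ == "__main__":
    print(demo())
```

A known user on a known browser in normal hours is never challenged, which is the point of the approach: the prompt appears only when the score says it should.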

March 15, 2018

Ask any security expert how you should protect your employees against hackers, and one of the first things they’ll tell you is to set up two-factor or multi-factor authentication (2FA/MFA) for your online services and business applications.

And they’re right.

2FA/MFA will protect your business’s sensitive data and resources against a host of cyberattacks and security incidents, including phishing scams, data breaches, man-in-the-middle attacks and more.

However, what most experts won’t tell you about is the costs involved in transitioning your organisation to 2FA/MFA. In many cases, organisations abandon their solutions because they can’t handle the technical, administrative and financial overhead they incur from deploying 2FA/MFA. Here is what you need to know.

MFA Hardware and logistics costs

Some MFA solutions such as security keys require specialised hardware. This means your organisation must pay to acquire and import the hardware and have the proper procurement channels and processes for quick replacements and new employees. You’ll also need the in-house expertise to maintain and update the hardware. This means you’ll have to hire experts, pay for education, or outsource the task to the manufacturer of the devices, all of which will incur more costs for your organisation.

IT Helpdesk costs

Most MFA solutions have a usability tradeoff. They’re not very easy to use, the main reason why many users become disenchanted and default to less secure alternatives. A lot of your employees will struggle to learn and get used to the MFA technology you adopt. Some will lose their keys. Others will get locked out of their accounts. You’ll need to allocate resources to support your employees in using their secured accounts. This includes setting up the right helpdesk software and hiring support personnel to tend to the needs of your employees.

Setting up 2FA/MFA is meant to make sure you have business continuity. Not setting up and paying for a helpdesk solution for your two factor authentication or multi factor authentication technology will turn it into a self-defeating goal because it will result in employee downtime, which will in turn cause your business performance to suffer.

Most MFA services use passwords, which have a high total cost of ownership (TCO). Facilitating password policies and resets requires a helpdesk, which has its own cost in employee hours, and the more complicated the password policy is, the more maintenance is needed.

Password costs won’t go away

Let’s not forget that 2FA/MFA is tacked on your password infrastructure, not replacing it, which means none of the above costs will eliminate what you’re already paying for. You’re still responsible for keeping the passwords of your organisation secure. This means using the right encryption tools and enforcing strong password policies on your employees. You must also employ the security solutions to protect your password data stores against hacks and data breaches.

The AscendID solution

AscendID provides an authentication solution that minimises the costs of ownership and provides the best security for your organisation without causing friction in the user experience. From your organisation’s perspective, this means deploying the solution will eliminate the costs associated with password-based authentication. These include storing, encrypting and protecting passwords. Additionally, according to Forrester Research, Gartner, and HDI, costs of the average call to technical support for a password reset range from $17 to $25. The fact that an estimated one in four helpdesk calls are password related means eliminating password management will translate into substantial savings even for small organisations. From your employees’ perspectives, password-less authentication means a friendlier user experience. This will in turn result in less employee confusion and lower support costs.

AscendID uses a mobile app which can be installed on employees’ personal or work phones. This means it will not require additional hardware costs. Although the app is intuitive to use, under the hood it uses several different security mechanisms to prevent man-in-the-middle, spoofing, phishing and other kinds of attacks that other MFA solutions protect against.

Learn more about AscendID here.

March 12, 2018

Rather than having to implement on-site servers and spend time integrating applications within the network, authentication-as-a-service is an increasingly viable way to deploy authentication.

The pervasiveness of remote access to the internet, web-based applications and cloud-based applications has enabled our business and personal lives to be transformed to the point where we can live in a 24×7 online world. The transition to software-as-a-service (SaaS) in particular is transforming the way that IT departments work and the investments that need to be made.

This technology is now also used to make authentication more affordable, easier to manage and easier to implement. Rather than having to implement on-site servers and spend time integrating applications within the network, authentication-as-a-service is an increasingly viable way to deploy authentication.

Deploying strong authentication using a cloud-based service is applicable to organisations of all sizes: large enterprises are using it to replace older, more traditional server-based approaches; mid-tier organisations are using it as an alternative to having a service provider manage their authentication server; SMBs are using it because it delivers an affordability and ease-of-implementation that was never previously available.

There are many drivers for organisations to consider using cloud-based services, regardless of their size. Cost reduction is a primary consideration, followed closely by ease-of-implementation, reduced administration and management, high availability and flexible pricing options. These benefits of cloud-based applications and software-as-a-service are broadly recognised – and are fully applicable to authentication-as-a-service.

See our white paper to help you assess the true cost of authentication for your organisation.

March 8, 2018

The smartphone has become indispensable. According to Deloitte’s latest Global Mobile Consumer Trends report, a survey of 17 developed countries found that one in five consumers checks their phone more than 50 times a day.

The explosive adoption of mobile apps and devices is changing how banks authenticate customers in the digital world. One trend we expect to continue into 2018 and beyond, is the drive to upgrade customer authentication technology from hardware to software tokens.

Software Tokens: Adoption Best Practices

If you have used OTP hardware tokens for years, introducing software tokens would ensure strong security coupled with a faster, easier user experience. (Prior to software authentication, customers had to remember multiple passwords; forgotten passwords blocked customers from transacting and required a reset by the helpdesk.)

Survey your customers

Survey customers’ readiness to accept software tokens. Research may show that most customers actually want both. Customers want the convenience of using their mobile device, knowing that if something goes wrong (e.g., lost phone, dead battery, etc.) they have a hardware backup. Mobile-first customers will inevitably be interested in software tokens, but not everyone may want to use their smartphone as an authentication method.

Barriers to adoption include:

  1. Lack of familiarity with, and therefore trust in, software tokens.
  2. Concerns about having too many apps already (not wanting to run out of space on the phone).
  3. Concerns about loss or theft of the phone.

Communication

A hybrid hardware and software authentication system can be the key. Customers are resistant to change, but once they try mobile authentication, they are very satisfied and stay with it. That’s why communication is so important. You have to convince customers to try it.

Not surprisingly, the way you explain a new authentication method to customers directly influences adoption. First promote the software token, presenting the hardware option only if the customer does not have a smartphone. By promoting the mobile authentication option first, some organisations saw 62% of the first wave of migrated customers activate the soft token.

Customer Satisfaction

One of the most noticeable benefits organisations saw was the level of customer satisfaction among those who tried the software token. Overall, the majority of customers did not have any trouble understanding software authentication, and were very happy it was introduced. They found the information on the website, read it, and were able to activate and start using it without any helpdesk support.

March 2, 2018

According to a recent survey by Accenture, banks experience 85 attempted breaches on average each year. More than a third are successful in stealing sensitive information. Successful attacks made headlines each time hackers targeted large institutions and their customers.

Here are 8 top security, technology and industry experts who shared their predictions for 2018, along with their thoughts on the technologies of choice critical to building digital trust and long-term loyalty.

Mobile App Security

Frederik Mennes, Senior Manager Market & Security Strategy, Security Competence Center
“In 2018, mobile platforms will be the biggest attack platform. We will see an increase in mobile banking attacks next year — because more banks are providing mobile banking apps, and there is a shift by users from PC online banking to mobile banking. One of the biggest threats against mobile are overlay attacks, especially in the U.S. and Europe. In the past, these attacks were only spotted in Russia, but we’ve seen the first examples in Europe and the U.S. and we expect there will be more next year. Overlay attacks are a type of malware that also takes advantage of the user, who has to enter their credentials into the overlay window. The combination of malware detection and Runtime-Application Self Protection is the strongest way to protect mobile applications today.”

Will LaSala, Director, Security Solutions, Security Evangelist
“In 2018, the mobile platform will be hit hard. The recent news of the WiFi WPA vulnerability and the potential for attacks is greatest on the fractured versioning system of the Android device space. Along with this attack, the rise in social engineering with mobile application repackaging and app distribution is on the verge of explosion.  Combine these monster holes with where the mobile app industry is headed, businesses should be aware and take extra precautions this year to secure their mobile offerings.”

Fraud Prevention — Banking

John Gunn, CMO
“2018 will be an exciting time as we will see new defenses and technologies paving the way to mitigate fraud and risk. However, research is finding banks are still falling further behind as they try to keep pace with today’s fraud schemes. It’s time to turn to new solutions based on AI and machine learning that speed up the ability to detect fraud, enabling banks to not only keep up but get ahead on reducing the losses to fraud and defending against attacks.”

David Vergara, Director of Security Product Marketing
“The banking world is facing increasingly intricate fraud schemes. As a result, banks will deploy more sophisticated solutions that combine risk analysis with machine learning, authentication, mobile security and orchestration to dynamically and in real time, apply the proper level of security for each unique transaction based on a risk score. Banks will also demand that these solutions provide simple integrations with a variety of fraud tools/platforms to ensure future requirements are easily incorporated. ”

Regulation

Matthias Valcke, Director Business Solution & Market Development
“Last year’s increase in overlay attacks in mobile banking applications coupled with the upcoming PSD2 regulation will this year force banks to add further security functionality to their apps. Additional security measures like Runtime Application Self-Protection and other frictionless methods of protection like behavioral biometrics will likely be the solutions of choice.”

E-Signature

Rahim Kaba, Director of Product Marketing, E-Signature
“Whether you are signing a contract or agreement or opening a new account, the underlying digital transaction (including data, documents and signatures) needs to be trusted and secure across every channel. As a result, enterprises are looking to more advanced authentication options to validate the identity of participants in a digital transaction. They want to ensure there are adequate security features built-in, particularly for their higher volume, B2C online and mobile channels. The key is to take a balanced approach — inspiring consumer confidence without adding inconvenience.”

Machine Learning/Artificial Intelligence

Romans Bonbinkovs, Business Consultant Fraud Detection
“We’ve entered the age of artificial intelligence, machine learning and robotics. In 2018, we will see malicious software with AI capabilities, more automated attacks and more intelligent (spear) phishing campaigns. With the help of machine learning, fraudsters will be able to scan the web in an automated way, requiring little or no human intervention and fewer resources to create more devastating attacks.”

Blockchain

Giovanni Verhaeghe, Director Market & Product Strategy
“Blockchain is changing the game in the financial services industry by adding transparency, speeding up and simplifying processes, while also reducing costs significantly. Blockchain and distributed ledger technologies will be an important new technology implementation and will continue to have a big impact as people demand more control of their identities and access to their personal information. A ledger doesn’t have any notion of how an identity is stored, but adding identity and credentials to the distributed ledger makes something anonymous when it previously was not.”

To learn how leaders in the banking and security industries are safeguarding against fraud in 2018, download the Faces of Fraud Survey by ISMG here.

February 27, 2018

Our partner Vasco has seen an increase in the number of inquiries from banks on best practices for migrating from hardware to software authentication. To answer these questions, Vasco interviewed a bank that recently made the transition. One of the bank’s top learnings was that successfully switching customers to a new authentication method has as much to do with managing change and driving adoption as it does with choosing the right technology.

If you are considering migrating your customers to soft tokens, here are four important lessons this bank shared:

  1. Survey customers to validate their readiness to accept software authentication. Survey responses will help identify any resistance to the new authentication method, and will help you prepare accordingly.
  2. Tailor your customer communications. Not all customers are tech savvy. Segmenting and customising communications to different user groups will increase adoption. As an example, adapt your messaging and communicate differently to slow adopters vs. mobile-first customers.
  3. Produce short explainer videos. Many customers prefer to watch a video rather than read the information on your website or client portal. Use short videos to explain the value (why authenticate through a mobile app on your phone instead of your OTP hardware) and demonstrate how it works.
  4. Scale the helpdesk. A small percentage of customers will need the most support. Plan accordingly to ensure a smooth transition for those customers, as well as your helpdesk staff.

In the full case study, this bank explains that while their mobile-first customers were interested in software tokens, not everyone wanted to use their smartphone as an authentication method. In fact, the bank had to overcome three barriers to adoption:

  1. Lack of familiarity with, and therefore trust in, software tokens.
  2. Concerns about having too many apps already (not wanting to run out of space on the phone).
  3. Concerns about loss or theft of the phone.

As a result, the bank decided to move forward with a hybrid hardware and software authentication system — while designing their customer communications to promote the software option.

February 23, 2018

To learn how leaders in the banking and security industries are safeguarding against fraud in 2018, download the Faces of Fraud Survey by ISMG here.

The 2017 Faces of Fraud Survey is a 27-page report that documents how leaders in the banking and security industries are preparing for fraud. Roughly 250 banking/security leaders participated in this survey, which was conducted to determine:

  • The top forms of fraud afflicting financial organisations in 2017
  • The biggest gaps in organisations’ efforts to detect and prevent fraud
  • What organisations are doing to counter the surge in mobile exploits

Information Security Media Group (ISMG)

February 19, 2018

It was virtually impossible to ignore the high-profile attacks and data breaches that dominated headlines in 2017, which saw a rise in cyber threats to critical infrastructure, including the UK’s National Health Service (NHS), and had a significant physical impact on business operations, the energy and utility sectors, public transportation and more. When it comes to an attack on critical infrastructure, no organisation is immune from the potentially paralysing effects.

By applying lessons learned from the past year and with greater understanding and preparation, organisations can better mitigate risks and proactively combat future threats.

Prediction #1: Natural Disaster

How to Prepare: Develop a Business Continuity Plan
Businesses should take precautionary measures by implementing a continuity plan detailing how to stay up and running through interruptions of any kind: power failures, IT system crashes, natural disasters, supply chain problems and more. And, both public and private sector organisations must communicate regularly with government entities to identify vulnerabilities and potential threats.

Prediction #2: Costly Fines for Failing to be GDPR Compliant

The EU’s General Data Protection Regulation (GDPR) sets more consistent data protection standards and outlines strict requirements for processing, storing and securing personal data of EU citizens. Any business anywhere in the world that handles data on EU residents must abide by these rules.

How to Prepare: Be Safe, Not Sorry
As the May 25, 2018 deadline for GDPR approaches, companies should focus on evaluating and optimising data collection, monitoring, and security policies to stay compliant. A good place to start is this checklist from the U.K. Information Commissioner’s Office, highlighting 12 clearly defined steps you can start taking now to prepare and help keep your organisation from suffering potentially debilitating fines.

Prediction #3: Growing Global Tensions and Increased State-Sponsored Cyberattacks

Throughout the past year, we’ve seen more details surrounding state-sponsored attempts to influence elections or disrupt foreign governments. In 2018, we could see an increase of hostile nations employing a combination of digital tactics – from infiltrating computers to destroying files with malware or ransomware and distributing false information through social media platforms.

How to Prepare: Implement Multi-Factor Password Authentication
The private sector especially can help protect itself by enhancing prevention efforts and by being equipped to prevent attacks. It’s more important than ever for data breach prevention plans to be developed from a global perspective and with strategies that transcend borders.

AscendID can help.

February 14, 2018

The UK Public Sector is desperately trying to catch up to the 21st century and must move to the cloud and mobile, quickly. The implications of this are:

  1. Public Sector will ultimately move away from the data center business. Everything will be “cloud.” Cost, simplicity and missions will require this change – sooner rather than later.
  2. Mobile will consume the desktop whole – iOS, Android, Windows 10… all popular mobile OSes.
  3. Items 1 and 2 will eliminate any need for a traditional ‘perimeter.’

The security model we all grew up on (VPNs, firewalls, etc.) struggles to keep up with this “cloud-first,” “always-connected” world we find ourselves in. To this end, SSL has always been the most successful example as it is easy to deploy and doesn’t require the end user to jump through hoops in order to use it.

Second, mobile begets cloud and cloud begets mobile. This self-propagating “ecosystem” has brought power to app developers in the commercial world – agility, speed to market, whatever. This trend started in the consumer world and has brought this exact same power to the enterprise over the past many years. Public sector agencies are just now starting to realise some of these “powers” and need help to keep up.

AscendID can assist the government in protecting its move to cloud and can help public sector agencies as they contemplate a move to a modern security model. See how we have already helped one local UK council.
