Knowledge-based authentication is no longer reliable, says fraud expert Avivah Litan, an analyst at Gartner. She explains why so-called behavioral authentication is the only reliable way to verify users.
Learn how the partial government shutdown is hampering a wide variety of important Department of Health and Human Services programs, ranging from patient privacy protection to disease outbreak detection.
The United States should be prepared for a dramatic increase in card-not-present fraud as cards using the EMV standard are widely deployed, says card fraud prevention expert Julie Conroy of Aite, who describes the reasons why.
IT leaders at state health insurance exchanges, as well as at the federal level, were fine-tuning their systems this week as consumers had trouble accessing the exchanges or completing applications for health plan coverage.
Randy Trzeciak and his CERT Insider Threat Center colleagues are working to broaden the definition of the insider threat to incorporate not just the risk to information and IT but to facilities and people, too.
In the wake of an ongoing stream of merchant and payment processing breaches, the FDIC is reminding smaller banking institutions that they are ultimately responsible for ensuring the security of cardholder data.
Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
Too many organizations are spending far too much money on gathering big data that they cannot put to good use, such as for fraud prevention, says IDC analyst Jerry Silva, who stresses that investments must have strategic value.
Two states are testing new technologies that, if successful, should make it easier for citizens to securely access government services online with the side benefit of mitigating fraud and identity theft.
Hackers allegedly trafficking in personally identifiable data have reportedly breached the computers of three major data aggregators, raising doubts about knowledge-based authentication as a tool to verify identity.