HOME » IN THE NEWS
GlobeNewswire logo
October 6, 2014
Throughout the month of October, Authentify will be sharing password and authentication tips, ideas and security techniques to promote National Cyber Security Awareness. Each week will focus on a different topic related to cybersecurity.
PRWeb logo
October 2, 2014
The BIG Awards specialize in recognizing top-performing companies and organizations with a proprietary judging process scored by well-known and experienced leaders and executives from around the globe.
Bank Info Security logo
October 2, 2014
John Zurawski, vice president of security firm Authentify, says small business customers of Chase impacted by the breach should take steps to ensure their employee and payroll accounts are secure. "Small businesses should immediately change their passwords," he says. "The businesses affected should consent to any additional authentication factors the bank may offer."
NBC News Chicago logo
September 30, 2014
“Company officials say the hackers may have captured "account numbers, expiration dates, other numerical information and/or cardholder names," but it's not known whether they were successful in capturing the customer data.
VentureBeat logo
September 29, 2014
“The skill set of the hackers is evident in the source code. 60 to 70 percent of malware is copied from existing strains. Where the creativity lies now is in the masking and hiding of the malware within the systems, that often can’t detect it. The malware is constantly being adjusted in order to stay ahead,” Rolfe said.
American Banker Logo
September 26, 2014
"It's entirely possible they are somehow connected to your network for backup and archive," he added, which is where Bash becomes more dangerous. Most ATMs do not use the Linux operating system, but banks that build their own ATM software often use Linux, he said.
IT Business Edge Logo
September 25, 2014
One of the reasons this is so serious, Alan Dundas, vice president and product architect for Authentify, told me in an email, is because the Linux bash shell is everywhere. Many of the devices within the spectrum of the Internet of Things have Linux roots, and they weren’t designed for patches or to detect and prevent malware.
KrebsOnSecurity logo
September 16, 2014
Too many organizations only get religion about security after they’ve had a serious security breach, and unfortunately that inaction usually ends up costing the consumer more in the long run. But that doesn’t mean you have to be further victimized in the process: Be smart about your financial habits.
Mobile Market Portal Logo
September 11, 2014
As victimized celebs vowed to take legal action on these hackers, the photo hacks might just convince all users on the necessity to employ strong security measures to protect their data and persuade mass-market deployment of stronger authentication tools like two-factor authentication in the cloud, said John Zurawski
Tech News World logo
September 11, 2014
“Now that Jennifer Lawrence, Kate Upton, and others have become the poster children for hacked cloud storage, more users are beginning to understand that a little more inconvenience may be better than the alternative,” says John Zurawski.
Payments Source logo
September 9, 2014
Consider using the end user’s same mobile device, but instead of an upfront OTP for login purposes, one might use the voice channel post-login. The voice channel represents a completely different communication band from the SMS or data channel on a phone. It represents a way to do an out-of-band two-factor authentication.
Bank Info Security logo
September 4, 2014
Peter Tapling says many retail breaches start with a network intrusion that is typically traced back to weak credentials. “Any merchant that does not have two-factor authentication in place for employees and suppliers is gambling that they won’t be next.”
eWeek Logo
September 3, 2014
Security response teams at some of the card-issuing banks have already started buying back credit card numbers believed stolen in the suspected breach at Home Depot, according to John Zurawski, vice president of marketing for Authentify.
CSO logo
September 3, 2014
The consensus, Peter Tapling added, is that there’s a possibility the perpetrators of this apparent breach may be the same group of Russian and Ukrainian hackers responsible for the recent data breaches at JPMorgan and other banks.
SmartData Collective logo
September 3, 2014
"Consumers are starting to accept them as a collateral damage to the e-commerce economy. This is rather unfortunate as the costs involved in the data breaches are in the end paid for by the consumers."
IT Security Guru logo
September 3, 2014
"The number of compromised cards could rival the Target breach if indeed this breach affected all 2,200 Home Depot stores and the breach goes back to April 2014. The ‘American Sanctions’ name for the card batches for sale are an interesting twist. Is this just a group that sympathizes with Russia? Or is it a state actor involved directly?"
Cyber Defense Magazine logo
August 2014

According to Aland Dundas, “The problem lies with the practice of delivering a one-time password to the end user via SMS. In general, OTP approaches of this type were fine several years ago. They’re just not as secure as they once were. The cybercriminals have developed their own countermeasures.”

David Strom's Web Informant logo
August 25, 2014
"xFA can add multifactor security to any web service with a few lines of code. We tested xFA on a small network in August 2014. It has cloud-based components to manage multifactor security, along with apps for iOS and Android."
PYMNT.com logo
August 25, 2014
"Bankers should also watch for a wave of fraud tied to identity theft and credit scams, and thoroughly authenticate every request for a credit card replacement, new credit card or loan as well as unusual electronic funds transfers," said John Zurawski
Credit Union National Association (CUNA) logo
August 22, 2014
Add shipping giant United Parcel Service (UPS) to the list of merchants that have suffered a data breach that compromised its customers' credit and debit card information.
American Banker Logo
August 21, 2014
Community Health Systems runs a network of 206 hospitals and hundreds of satellite doctors' offices across 29 states. The breach at the company is potentially worse than the one at Target Stores that compromised 110 million customer account records last year, according to John Zurawski, vice president of security software company Authentify.
Healthcare Info Security logo
August 21, 2014
"The Heartbleed vulnerability was disclosed April 7," says Alan Dundas, a security architect and vice president at Authentify, an authentication provider. "Community Health has indicated they were breached in April and June. If one were to read those tea leaves, it's entirely possible Heartbleed was the culprit."
Biometric Update logo
August 15, 2014
All of these vulnerabilities and breaches stem from two things: Failures in network security thinking to understand and counter emerging threats, and following the old adage: I don’t need more security until something happens,” said Ken Balich, Chief Information Security Officer at Authentify"
InformationWeek Bank Systems and Technology
August 8, 2014
Overall, the true cost of data breaches is significantly higher than one would think, according to multi-factor authentication provider Authentify. The firm estimates each breach costs about $5.4 million for the affected companies.
InformationWeek Dark Reading Logo
August 7, 2014
"Using hard-coded username and passwords from hardware manufacturers without another layer of protection is security suicide," says Ken Balich, CISO at Authentify."
eWeek Logo
August 4, 2014
One company that has an interesting approach to using smartphones for authentication is Authentify. Authentify’s xFA is a cloud-based voice biometric approach that promises app authentication that would be very difficult to hack.
American Banker Logo
August 4, 2014
"What we have done is make that experience as simple, automated and friction-free for mobile users as SSL or HTTPS is on the Web."
InfoSecurity Logo
August 4, 2014
“The barrier to mass-market deployment of stronger authentication boils down to the impact on the user experience," said John Zurawski, vice president at Authentify"
Cutimes.com Logo
July 28, 2014
“Two-factor authentication has been under attack for a long time,” said Zurawski. “It should be no surprise that criminals have found ways to attack one-time passwords sent in SMS.” What’s a more secure alternative than SMS? Zurawski suggested a voice call to the consumer’s smartphone that reports the login attempt and requires confirmation."
Mobile Market Portal Logo
July 28, 2014
“Authentify, which has been in the news for its secure and affordable authentication solutions, advocates the use of the Authentify xFA platform, which is an easy-to-use, substantially more secure and affordable authentication solution, capable of competing with SMS.”
Secure ID
July 25, 2014
“As we have said many times, not all two-factor authentication techniques are of equal strength,” says John Zurawski. “An authentication technique that is applied after the transaction has been initiated is required. It must also communicate the actual transaction details to the end user via a separate secure communication channel.”
TeleAnalysis Logo
June 16, 2014
Many business cycles have been spent wrestling with the potential vulnerabilities of mobility and BYOD. The newest generations of mobile devices, however, offer considerable promise for strengthening security. Mobile solutions are currently available that offer ‘no typing’ logins using biometrics and cryptographically strong digital certificates for authentication.
data security
June 11, 2014
The new reality for retailers is that any end point, any interconnected system or any route along a network can become a point of entry for a cybercriminal, and the high value target is the data. Given that sobering reality, retailers, the credit industry and the financial services firms supporting them, must move beyond compliance with the Payment Card Industry Data Security Standard (PCI DSS) and broaden the consideration for safer computing and networking at every level.
IT Business Edge Logo
June 9, 2014

“This vulnerability shines a light on the increasing need for financial institutions (FI) to involve account holders in the ‘backend’ protection of their own accounts,” said Andy Rolfe in an email. “A ‘deputized’ customer base can help protect an FI and themselves.”

Beats Electronics
June 3, 2014
"One of the characteristics of being a smaller company is, we can come up with really great ideas and we kind of work really hard to get particular individuals to implement it," Tapling told Benzinga. "There's no replacing Apple making something available to 500 million people in a day. So I think it's going to be a combination."
Beats Electronics
June 1, 2014
"Whether or not Apple has this in mind is pure speculation, but many of the biometrics that will become common in the future need a wearable device," Tapling told Benzinga. "Apple just acquired a very 'wearable' assortment of devices with the Beats technology. Imagine a heart rate, blood pressure, vein print built into devices millions of folks wear voluntarily already -- headphones."
Chicago Technology
May 29, 2014
What happens when millions of usernames and password combinations are breached? How bad will it be? IF you're an Authentify customer, you and your end users are still protected employing Authentify's elegantly simple but extremely effective techniques for remote user authentication
fingerprint
May 27, 2014
Mobile authentication provider Authentify is to provide a way for banks, payments networks and other secure service providers to make use of the fingerprint scanner built into the Samsung Galaxy S5 to add an extra layer of security to mobile transactions.
payments
May 22, 2014
"Mobility has added a level of difficulty with regard to knowing your user or customer," says Authentify chief technology officer Andy Rolfe in the release. An end user and a device can be almost anywhere, making biometrics "the most reliable way" to ensure the device is still in the hands of the same user, Rolfe adds. "We are able to handle a wide range of use cases and end-users employing multiple biometrics."
data security
May 7, 2014
Yesterday, Target's CEO Gregg Steinhafel resigned. The recent past has been rough for the top exec, and, although the retailer has had some missteps -- such as its bungled entry into Canada -- it seems likely that its widely publicized and far reaching data breach was the catalyst for this move.
cyber world
May 2, 2014
Individuals resort to lying about themselves to protect their identities when accessing systems in today's imperfect cyber world, says Peter Tapling, president of Authentify, an out-of-band authentication service.
heartbleed
April 30, 2014
The Heartbleed Bug is so widespread around the Internet, that businesses should simply use caution and assume that they have been impacted. Read more at http://www.business2community.com/small-business/protect-small-business-heartbleed-bug-0855204#E6Zib38h1EQdMuyx.99
Info Security
April 18, 2014
The breach of e-commerce retailer LaCie is the latest indicator that more fraudsters are targeting online merchants because card-not-present transactions are particularly vulnerable...
Wall Street
April 21, 2014
Attention on cyber security has skyrocketed since the end of last year thanks to the data breaches that hit several of the nation's biggest retailers.
Bank Technology
April 21, 2014
A recent malware attack targeting bank customers in the Middle East offers some tips on how such attacks can be prevented.
Bank Technology
April, 2014
Cover Story
Finextra
March 17, 2014
We get a lot of questions about what banks should do to protect themselves against online fraud. There seems to be a lot of confusion which only gets worse as dozens and dozens of vendors start to fight different pieces of online fraud.
Digital Tran
March 10, 2014
The coming of Europay-MasterCard-Visa (EMV) chip cards to the U.S. has many American merchants worried about the inevitable shift of credit and debit card fraud from the point of sale to online channels.
Securist
March 10, 2014
The bad guys are taking full advantage of the squishy parts of the Internet's DNA. The result: massive DDoS attacks are disrupting Internet commerce, and slowing down the speed of the web.
Startups
March 4, 2014
Your e-commerce website is riddled and bounded by password barriers. From your main administrative password that allows access to your web hosting control panel to your FTP login access, passwords are deeply important from a digital security point of view.
Secure
February 25, 2014
Authentify announced that it has been selected to support the American Association of Motor Vehicle Administrator's pilot project for raising the level of trust in online identities.
Banker
February 25, 2014
A new set of specifications that could strengthen security for websites and mobile apps is receiving strong support from payments and technology heavyweights.
Forbes
January 31, 2014
Leaked screenshots from @evleaks about Samsung's next Galaxy device, the S5, suggest Samsung is jumping head first into the biometricification ofmobile.
Data Risk
January 29, 2014
Here are three keys trends that departments are facing in their efforts to keep company assets under control and minimize potential sources of ...
Innovation
January 28, 2014
In the decades following the tragedy of 9/11, air travelers around the globe became accustomed to heightened security levels for access to air travel. High security at airports became 'normal.' A similar shift for electronic commerce is inevitable.