One key lesson from the recent T-Mobile and several other breaches: our phone numbers, that serve as a means to identity and verify ourselves, are increasingly getting targeted, and the companies are neither showing an appetite to work on an alternative identity management system, nor are they introducing more safeguards to how phone numbers are handled and exchanged. From a report:rnIdentity management experts have warned for years about over-reliance on phone numbers. But the United States doesn't offer any type of universal ID, which means private institutions and even the federal government itself have had to improvise. As cell phones proliferated, and phone numbers became more reliably attached to individuals long term, it was an obvious choice to start collecting those numbers even more consistently as a type of ID. But over time, SMS messages, biometric scanners, encrypted apps, and other special functions of smartphones have evolved into forms of authentication as well.rnrn"The bottom line is society needs identifiers," says Jeremy Grant, coordinator of the Better Identity Coalition, an industry collaboration that includes Visa, Bank of America, Aetna, and Symantec. "We just have to make sure that knowledge of an identifier can't be used to somehow take over the authenticator. And a phone number is only an identifier; in most cases, it's public." Think of your usernames and passwords. The former are generally public knowledge; it's how people know who you are. But you keep the latter guarded, because it's how you prove who you are.rnrnThe use of phone numbers as both lock and key has led to the rise, in recent years, of so-called SIM swapping attacks, in which an attacker steals your phone number. When you add two-factor authentication to an account and receive your codes through SMS texts, they go to the attacker instead, along with any calls and texts intended for the victim. Sometimes attackers even use inside sources at carriers who will transfer numbers for them.
The biggest question that the Asia Times news story raises about the compromised enrollment software is - Why UIDAI cannot fix it? This post answers this question and the implication of this
The surge in identity theft and crimes using fake or stolen identity credentials and the ease with which entities can track our movements and behaviors, generally without our knowledge, are rooted in an identity mechanism ill-suited for today's digital age.
To early users, the internet held such promise for people and communities. Now, on the eve of Facebook's 15th birthday, social media is making people depressed. What happened?
If you are following the battle of the short messaging systems, you might think it is a one-dimensional contest between the systems that maintain your chat history for all time - like Twitter and Facebook - and the so-called disappearing messengers - like Snapchat - where messages vanish after bein
A woman apparently using my name meant a nightmare of unpaid traffic fines and a criminal record. But when I tracked her down, a different story emerged
Non smetterò mai di ringraziare Dino Bortolotto di cui sono amico e, di fatto, anche socio (sulla parola, ma con uno come lui vale più la parola che un contratto) per avermi fatto chiarezza sulle reali finalità dello SPID che altro non sono che di creare un'altra, nuova e inutile rendita di posizione a favore dei so
Secondo le due associazioni, la norma impedirebbe alle piccole e medie imprese italiane del comparto ICT di far parte del sistema di identita' digitale
Il domicilio elettronico, se reso obbligatorio anche per tutti i cittadini potrebbe rappresentare la svolta verso l'utilizzo delle nuove tecnologie
Uno sviluppatore impegnato nella realizzazione delle nuove specifiche parla di un brutto standard e di una tecnologia pensata per fare comodo alle aziende e non agli utenti
Indian security guard Tunni Rai lived for 65 without identity papers, and believes he has suffered as a result.
The Dutch airline is set to offer passengers the chance to look at each other's Facebook and Linkedin profiles to help them choose who they would like to sit next to on their flight.
Is it creepy to stalk you co-workers, your date or yourself on Google? Our Netiquette experts tell you why you should, or shouldn't.