Comments on: Security Buzz Words | Money Mules http://www.thegarlandgroup.net/2009/11/11/security-buzz-words-money-mules/ Sun, 07 Mar 2010 04:40:33 +0000 http://wordpress.org/?v=abc hourly 1 By: bk127001 http://www.thegarlandgroup.net/2009/11/11/security-buzz-words-money-mules/comment-page-1/#comment-379 bk127001 Sun, 22 Nov 2009 06:49:12 +0000 http://www.thegarlandgroup.net/?p=1105#comment-379 Some really great points. I am always surprised when fraud and security professionals confuse multi-layered authentication with multi-factor authentication. "Something you know" four times is not the same level of authentication as "something you know" and "something you have."<br><br>The cat and mouse game we play between fraudsters, bankers and vendors keeps us all on our toes - we're starting to see man-in-the-browser attacks that circumvent the two factor authentication provided by RSA tokens. I think there is a long way to go in intelligently leveraging multi-factor, multi-layered risk based authentication and security methods to fight these frauds. There is no silver bullet, but a need to coordinate cost and security effective strategies. Some really great points. I am always surprised when fraud and security professionals confuse multi-layered authentication with multi-factor authentication. “Something you know” four times is not the same level of authentication as “something you know” and “something you have.”

The cat and mouse game we play between fraudsters, bankers and vendors keeps us all on our toes – we're starting to see man-in-the-browser attacks that circumvent the two factor authentication provided by RSA tokens. I think there is a long way to go in intelligently leveraging multi-factor, multi-layered risk based authentication and security methods to fight these frauds. There is no silver bullet, but a need to coordinate cost and security effective strategies.

]]> By: bk127001 http://www.thegarlandgroup.net/2009/11/11/security-buzz-words-money-mules/comment-page-1/#comment-298 bk127001 Sat, 21 Nov 2009 22:49:12 +0000 http://www.thegarlandgroup.net/?p=1105#comment-298 Some really great points. I am always surprised when fraud and security professionals confuse multi-layered authentication with multi-factor authentication. "Something you know" four times is not the same level of authentication as "something you know" and "something you have."<br><br>The cat and mouse game we play between fraudsters, bankers and vendors keeps us all on our toes - we're starting to see man-in-the-browser attacks that circumvent the two factor authentication provided by RSA tokens. I think there is a long way to go in intelligently leveraging multi-factor, multi-layered risk based authentication and security methods to fight these frauds. There is no silver bullet, but a need to coordinate cost and security effective strategies. Some really great points. I am always surprised when fraud and security professionals confuse multi-layered authentication with multi-factor authentication. “Something you know” four times is not the same level of authentication as “something you know” and “something you have.”

The cat and mouse game we play between fraudsters, bankers and vendors keeps us all on our toes – we're starting to see man-in-the-browser attacks that circumvent the two factor authentication provided by RSA tokens. I think there is a long way to go in intelligently leveraging multi-factor, multi-layered risk based authentication and security methods to fight these frauds. There is no silver bullet, but a need to coordinate cost and security effective strategies.

]]> By: Heath http://www.thegarlandgroup.net/2009/11/11/security-buzz-words-money-mules/comment-page-1/#comment-282 Heath Thu, 12 Nov 2009 17:07:00 +0000 http://www.thegarlandgroup.net/?p=1105#comment-282 I challenge anyone to go into a Financial Institution that has been breached in a 'money mule' type attack and see if they aren't at least investigating tokens for use on online banking sessions. All the financial institutions that I have seen breached are using tokens now. I challenge anyone to go into a Financial Institution that has been breached in a 'money mule' type attack and see if they aren't at least investigating tokens for use on online banking sessions. All the financial institutions that I have seen breached are using tokens now.

]]>