Vacation Season Means Easy Pickings for Hackers and Scammers

Vacation Season Means Easy Pickings for Hackers and Scammers

School’s out, which means summer vacation season is here. It also means identity thieves are chomping at the bit, knowing the warm weather means an increase in travel and related purchases, which translates into opportunity. While you can’t always prevent your credit card information or other personal data from being stolen, there are several steps you and your customers can take to help ensure identity theft doesn’t turn into identity fraud. It’s one thing to have to replace stolen or compromised credit cards, but it’s an entirely more complicated, time consuming, and costly task to repair credit once fraud has been perpetuated – or if your corporate credentials have led to a more significant security breach.

Let your financial institutions know you’ll be traveling.

Most banks are quick to block transactions that are out of character – which includes point-of-sale transactions in new geographies, unusual purchases or activities, and even just very high transaction amounts. Knowing where and when you are traveling will allow your banks to better protect you during and after your trip.

Use caution when accessing public WiFi

When accessing free public WiFi networks, you are putting yourself at risk. Hackers can easily intercept traffic and gain access your device and accounts. Be aware of fake “free” access that requires you to install software – that should be a red flag.  If you are going to use public WiFi, make sure to only use networks that require log-in. While they aren’t foolproof by any means, they do provide an added layer of security over open APs. Do not access your bank accounts initiate transactions unless you know you are on a secure network.  It’s hard, but resisting the urge to log onto social media constantly can be the difference between being exposed and not.

Be cautious with ATMs

Scammers are notorious for retrofitting ATM machines with skimming devices that read your card data, allowing thieves to create false cards with your account information and selling it or making purchases themselves. Be aware of anything the looks out of place, and don’t be afraid to jiggle the card reader – if it feels loose or oversized, best to keep away. Also, never give out your PIN or write it on the back of your card.

Don’t overstuff your wallet

Tourists are easy marks – they tend to carry fat wallets with their cash and credit cards. Carry only the cash you need for the day, and there’s no need to bring more than one (maybe two at most) credit cards. If your wallet looks overly full, you’re only inviting pickpockets and scammers who are ready to pray on your vacation habits and walk away with your cash and identity.

Lock screens and Find My iPhone

Common sense suggests you have a lock screen enabled at all times, but many people don’t, simply to save a few seconds. If your phone is stolen, a lock screen can keep your personal information and account data from being stolen. Phone tracking software can help you quickly locate your device if it is stolen or lost.

Complex authentication

Whenever possible, make use of more complex indentify verification methods. While two-factor authentication may seem like hassle, it makes it much harder for your data to be stolen. Similarly, voice authentication may seem like an extraneous step, but it provides a unique identifier that is much harder to breach than other password-driven authentication protocols. Increasingly, financial institutions and other organizations are adoption voice and other biometric authentication methods in an effort to reduce fraud and protect revenue.

To understand how voice authentication can help keep you and your customers safe, read more.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App

World Cup Presents High Profile Opportunity for Hackers

World Cup Presents High Profile Opportunity for Hackers

Considered by many as the greatest sporting event in the world, the 2018 World Cup in Russia, may be missing some traditional participants this year, including Italy, Netherlands, Chile, and the United States but, what it won’t be lacking is a host of cyber criminals looking to steal sensitive personal information from unwary participants and the masses of fans who have traveled to watch them compete.

Even though media, government organizations, and soccer organizations have made cyber security concerns a key issue, it’s certain hackers are looking to exploit the fact that hundreds of thousands of fans are looking for connectivity during the 21st edition of the quadrennial event. Given the global presence at the World Cup and high international data rates with most carriers, a large percentage of fans rely on WiFi for connectivity. Even for those with international plans, mobile networks are put to the test and deliver reduced performance, sending even those users looking for WiFi access.

Kaspersky Labs reported it tested the security of more than 32,000 public access points recently in Russia’s 11 host cities – more than 7,000 were not using appropriate encryption or authentication measures. Meaning, while there are many secure WiFi connections, there are many that can be targeted by hackers as easy opportunities to steal personal information from users.  All they would need to do is be in the vicinity of those hotspots, wait for unprepared visitors to connect, and easily intercept traffic to collect data.

Fans and participants alike should be aware of the presence of unsecure access points and take extra care to avoid them. Many of them may have SSIDs set up to fool users into believing they are legitimate networks. Some organizations, like England’s FA, have specifically advised players, coaches, and staff not to use public WiFi, even those provided at the team’s hotel. Here are a few tips that can help protect your devices and data while traveling at the World Cup, or anywhere.

  • Never use open WiFi (those without password protected access).
  • Consider connecting through a VPN if you are using WiFi. Most public access points aren’t using the latest encryption technology. A VPN will help protect your information even if it is intercepted.
  • Make sure lock screens and security are active on any devices.
  • Avoid any online shopping or other financial activity.
  • Use cash, travelers checks, or gift cards in lieu of credit cards to avoid account information being stolen.
  • Don’t use, accept or click on links, websites, attachments, or flash drives that could give hackers access to your devices.

While there’s a lot that individual users can do to protect themselves, financial institutions and other vendors should be aware of the likelihood that user information will be stolen, not only at major events, but at any time. They, too, should be prepared by making sure they have appropriate user authentication measures in place. Because PINs, passwords, and knowledge-based responses can all be exposed to hackers, biometric security measures, like voice authentication, can make it much harder for thieves to gain access to accounts or set up fraudulent accounts. With the massive numbers of attack opportunities for cyber criminals, security has to be a priority for everyone – vendors and customers alike – in order to limit risk and losses.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App

What Your Don’t Know About GDPR and PSD2

What You Don’t Know About GDPR and PSD2

New EU data protection rules are designed to protect customer data through stronger privacy and security requirements. GDPR (General Data Protection Regulation) goes into effect on May 25, 2018, and the second Payment Services Directive (PSD2) is not far off with a September 2019 implementation deadline. The new regulations are intended to ensure better customer information security and privacy while reducing fraud, essentially by giving control over data to its owners – consumers.

GDPR provides new policy around data collection and storage, including a requirement for consent to data collection the right for consumers to request any data collected on them be erased permanently. PSD2 allows customers to approve access to their bank account data by third parties, modernizing the payment structure in line with the growth of e-commerce. It also puts into place stronger user authentication checks for online transactions – at a minimum, two-factor authentication, which can include voice authentication or other biometrics.

This is all good for consumers, in theory, but there are potential drawbacks.

While consumers have generally adapted to an online economy and the need for heightened security has been prominently featured in media headlines thanks to many high-profile breaches, many consumers and businesses don’t take the risk as seriously as they should. Two-factor authentication provides an additional layer of security, but it also adds complexity to completing transactions for consumers, which could lead to a new resistance to online purchasing. That, in turn, could result in vendors opting to not implement additional security features, putting them and their customers at risk.

It’s clear payment structures have to more efficiently accommodate the digital era and the ability to authorize access to account information serves to democratize the payment industry. But, there are risks here as well. By providing access to sensitive account information to more parties, the risk is inherently increased by serving up new attack opportunities for cyber criminals. The burden of account security will be the domain of every online vendor with access to banking details.

Third, fraud identification relies on massive amounts of user data. A reduction of collectable data means merchants and fraud scoring systems will reach conclusions based on fewer data points, making it more difficult to accurately identify fraud. That can lead to increased false flags or missed fraudulent activity. Both are likely to have a negative impact on consumer sentiment. Even worse, cyber criminals are smart and adapt to changing conditions. The new rules could allow identity thieves to request data removal, which would mean those data points could no longer be used in scoring systems and lists of identified fraudulent activity.

There’s no question the intent of both GDPR and PSD2 is to protect customers – and by extension, businesses. But, they have potential flaws that could be exploited by fraudsters. The best way for consumers and merchants alike is to take security seriously and to understand that new identity verification methods, like voice authentication or fingerprint scanning, add a step to the process, but the inconvenience is minor compared to having to deal with identity theft or fraud.

To learn more about how voice authentication can help reduce fraud, visit VoiceVault.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App

Voice Authentication Market Expected to Grow Significantly

Voice Authentication Market Expected to Grow Significantly

With nearly every part of our lives now connected in some way, identity verification is becoming a constant activity. Typing passwords and such is a tedious task, especially if you’re diligent in changing your passwords regularly and keeping them complex. Fortunately, other forms of identity verification are becoming more popular, making the process simpler, whether talking to a representative or logging into an account.

Among them is voice authentication, which, along with facial recognition, is expected to see significant growth in the coming years. The global voice and face recognition market, which stood at $4.5 billion in 2016, is expected to reach $24 billion by 2025.

A major boost to the voice authentication market will come from the government sector, as defense and military organizations seek to increase their security measures. Growing use in government agencies will also drive the use of voice biometrics and facial recognition in commercial markets as well, especially in banking and other security conscious industries. North America is expected to see the largest growth in adoption, driven by a combination of government and consumer demand.

Customer service organizations at financial institutions and other service providers will leverage advanced authentication techniques to secure access to applications, accounts, and internally for access to facilities, servers, and other infrastructure. For customers, this provides not only an easier, quicker means of authentication, but a more secure one as well.  Many organizations have already implemented voice authentication internally and, as customers learn to use these newer forms of verification, they will start demanding them from other vendors, further driving adoption.

In addition, customer satisfaction will naturally increase, as businesses are able to more quickly identify customers and address their needs without going through lengthy manual verification processes.  Likewise, customer representatives will deal with fewer customers agitated by constantly having to identify themselves, driving an increase in employee satisfaction.

While the drivers of the voice authentication market may be primarily security driven, the additional benefits in commercial markets go well beyond helping reduce identity fraud, which cost businesses billions each year.

To learn more about how voice authentication can help better secure your business, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App

What to Consider for Securing Retirement Accounts

What to Consider for Securing Retirement Accounts

Hackers want your money, and that includes your retirement nest egg. The bottom line is this: If you have a 401(k) account, be careful about who you allow to access it.

If you’re a 401(k) plan provider, or even an employer who offers your workers such a plan, be sure to warn participants about the potential for hacking. You should consult regulations – like the Employee Retirement Income Security Act of 1974 – related to your financial responsibility related to account protection, loss, and replacement. Then you can be sure to communicate the right messages to account holders (and their employers) on how to safeguard 401(k) savings.

For example, 401(k) providers should be alerted that fraudsters are a real threat to these accounts. Studies indicate that foreign hackers are trying to gain access to the $5.3 trillion in U.S. 401(k) assets today.

That said, it makes sense to warn retirement plan holders to avoid granting access to their accounts via email, phone, or text – even when communications appear to be from their employer or the plan administrator. Phishing is a common way frausters masquerade as legitimate organizations to get unsuspecting people to reveal personal information like account numbers and passwords.

Plan administrators and sponsors may also want to suggest that 401(k) account holders use strong passwords, change those passwords often, employ two-factor authentication, and avoid doing financial transactions on unsecured public connections. Voice authentication is another great option for providing a high level of security to 401(k) accounts.

Plan administrators and sponsors may want to configure the plans they offer and the systems they use to support them to only allow 401(k) account changes or withdrawals to occur when a certain set of steps are performed and information provided. Again, voice authentication provides a unique security mechanism that makes hacking very difficult.

When accounts are hacked, people and organizations suffer. If sponsors or third-party administrators are found at fault, they may be responsible for replacing that loss.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App

Best Buy and the Big Bang of Breached Data

Best Buy, and the Big Bang of Breached Data

On the heels of Kmart and Delta data breaches, Best Buy is one of the latest retailers to confess that customers’ information may have been compromised. Third-party data firm [24] was affected by a malware hack, generating cause for concern from Best Buy, which uses chatbots for customer service calls and online sales. Where does data security go from here? Best Buy will have to tackle that question as it sorts out the muck caused by the [24] breach.

Although credit card and other customer information is at risk, the damage done is not as insurmountable for Best Buy as it is for other retailers. While thousands of customers have fallen victim to information hacks in the previous cases, Best Buy remains confident much of their customer base is safe.

Best Buy issued an apology, now in the spotlight of the data privacy epidemic: “We are fully aware that our customers expect their information to be safeguarded and apologize to the extent that did not happen in this case.” A privacy hub website has been set up to address customers’ concerns about protecting their information. But is it too little too late?

Since US legislation may not be stringent enough to regulate privacy practices at major firms like electronics giant, Best Buy, what can you, as a consumer, do to protect your data? A step in the right direction, apart from boycotting businesses, is to regularly update passwords and take stock of who has your credit card information saved in their online database. Companies can take heed by auditing data practices, formalizing procedures for third-party data access, and further solidifying security measures by utilizing voice biometrics as part of a multifactor authentication security solution.

Remember, security is everyone’s problem, and both customers and retails have an obligation to do their part to ensure it.

To learn how VoiceVault can help develop or enhance your corporate security strategy, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App


Five Ways to Protect Your Identity During Tax Season

As if tax season wasn’t painful enough already, the Internal Revenue Service reports that identity theft related to tax refund frauds continue to plague the American people and the economy at epidemic levels. While the numbers have decreased from highs around 2015, the IRS reports that tens of thousands of taxpayers are still victimized on an annual basis.

While you should be mindful of cybersecurity all year long, now is the time to be particularly vigilant, with Tax Day just around the corner. In an effort to ensure your protection, here are five ways that you can fight back against malicious actors this year.

Update passwords: Between our personal and professional lives, the average individual must keep track of about 25 passwords. With so much to remember, many people will use duplicated or incredibly simple passwords. This makes it easy for hackers to break the code and gain access to your entire network. Set up Tax Day as your annual day to update your passwords to make yourself a more elusive target.

Biometric authentification: Adding extra layers of authentification can also be a great way to protect yourself and your personal financial data. For best results, leverage biometric technology. While hackers can fake a signature, it’s much harder to replicate the unique markings of our fingerprints, voices, faces or eyes.

Encrypt your data: If you’re sending documents over to your tax accountant, don’t do it on the public Wi-Fi at Starbucks. Even if you have firewalls and anti-virus software on your device, you’re only as secure as the network on which you transmit files. Consider using an encrypted messaging service or a virtual private network for such sensitive documents.

Credit reports and SSA statements: Every year, you’re entitled to a free credit report and social security statement. If someone already has gotten hold of your information, you may find it in these reports. Maybe you’ll see a strange new card added to your credit report. Maybe you’ll see your personal information with someone else’s earnings reported on the SS statement. Check these out annually and you’ll catch fraud that has already occurred before your financial reputation is irrevocably destroyed.

Always have backup: What do you do if you’re targeted with ransomware and lose access to your tax documents or other financial records? If you don’t have back-up, you only have two options: pay up, or lose the information forever. Colocate vital data off-site in the cloud or a private server for starters. And of course, while less modern, it doesn’t hurt to have paper copies either.

There are fewer ways to destroy your finances more quickly than handing over your data to a thief. To learn more ways to protect your identity, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App

Money2020 Asia 2018

Three Takeaways From Money2020 Asia 2018

After a strong showing in the United States and Europe in recent years, one of the world’s premiere FinTech events, Money2020, headed to Singapore last week for Money2020 Asia 2018. In past years, we’ve kept a close watch on the latest happenings from the event, which you can check out here or here.

But what can we expect to come out of this year’s show, where thousands of attendees, vendors and industry experts will connect to explore the latest happenings in the FinTech space?

If you weren’t able to catch a flight to Singapore yourself, don’t worry—we’ve got you covered. Here are the top three stories to come out of this year’s event.

  1. Blockchain advances but cryptocurrency growing pains are far from over.
    No question, there’s a general consensus among Money2020 Asia attendees that blockchain is on the doorstep of revolutionizing FinTech across industries. But interestingly, there’s less certainty in regards to cryptocurrency applications. Consumers have reported widespread identity verification issues at exchanges, and this uncertainty may be starting to take its toll. Ironically, the cryptocurrency market lost $60 billion in value on the last day of the show this year following announced regulatory increases and Google’s advertising ban.
  2. Mobility continues to drive security concerns.
    The global mobile payment market is poised for a $3 trillion valuation by 2023—a clear indication that both businesses and consumers are going to continue leaning heavily on their personal mobile devices for all manner of transactions in the coming years. But security concerns continue to besiege mobile users, driving up interest in biometric solutions like voice-based identity verification.
  3. Artificial intelligence shows signs of life.
    With deep machine learning and artificial intelligence technology taking off, it should come as no surprise that AI left an impression at Money2020. Transaction tracking, identity theft and fraud detection are all among the top applications as platforms become more interoperable.

To stay up to date on the latest industry news or to learn more about how VoiceVault’s voice biometric authentication and identity verification solutions can support your business, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App

Meet Your New Biggest Cyberthreat Mobile Devices

Meet Your New Biggest Cyberthreat: Mobile Devices

Over the last several years, your business has been relying more and more on its mobile devices to operate. Now, all of your employees have smartphones and tablets. They use them for everything from processing payments to collecting data to communicating.

Here’s the problem, though: These devices are not secure. In fact, in a recent study 93 percent of organizations agreed that mobile devices present a serious and growing cyberthreat.

The report also found that:

  • 32 percent of companies admitted to sacrificing mobile security to improve performance;
  • 79 percent stated that the disruption of business operations is a bigger threat than the theft of data; and
  • 79 percent fear employee misuse.

Of course, the hardest step is admitting that you have a mobile security problem. Once you understand the scope of the cyberthreat, you can start taking immediate actions to improve your business’s mobile security strategy.

As you assess your mobile cybersecurity strategy, remember to consider taking a multifactor authentication approach that utilizes multiple systems to protect employee accounts. Give your employees access to a variety of authentication tools, and let them decide which ones work best for them. This could include voice biometric identity verification, strong passwords and security questions, or facial, iris or fingerpint scanners.

Remember that the more security checkpoints you add to your mobile device, the more secure your device will be. However, they need to be easy for employees to use or it could impact morale and productivity.

To learn more about how VoiceVault can bolster your company’s cybersecurity strategy, click here. Developers can also access a free trial here.

Experience Voice Biometrics with the ViGo Demo App


There’s No Easy Solution to Cybersecurity

Many business leaders today are still operating under the belief that cybersecurity is a simple fix — and that a single provider or solution can protect your business.

Until this way of thinking is corrected, cybersecurity will remain a top challenge for businesses.

The fact is that if you want to keep your business safe on the Internet today, it requires embracing a fundamental shift in how you approach the subject. Cybersecurity today is an around-the-clock job that requires using a variety of different technologies and strategies.

You can’t, in other words, rely on anti malware software anymore and expect it to work. But if you use it as part of a wider strategy that incorporates many different and layered protections, it can work.

Here is an example of what a robust cybersecurity strategy is comprised of today:

Physical access controls: All computing devices and equipment should be protected with strong identity verification controls, to protect unauthorized users from accessing core network services.

Regular patching: All hardware and software needs to be regularly monitored for security updates, to protect hackers from exploiting vulnerabilities.

Real-time network monitoring: Anomalies cannot go overlooked. They need to be detected and investigated in real-time in order to prevent them from spreading across the network.

Rapid-response troubleshooting: Cyberattacks can happen at any hour, not just when employees are in front of their desks. Businesses need cybersecurity experts in place to spring to action as soon as they are needed.

Employee education and awareness: A business is only as strong as its weakest cybersecurity link. Employees need to be aware of the threat landscape, so that they know what to avoid online.

Mobile security: Mobile devices are now considered to be one of the top threats facing enterprises today. As such, organizations need to use multifactor security to protect company and employee-owned devices. Strong password hygiene and biometrics should be used together for maximum protection.

VoiceVault is a leader in cloud-based voice biometric identity verification, and can provide critical support to enhance your company’s cybersecurity.

To learn more about VoiceVault, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App