Enterprises prepare for strong customer authentication

photo5

September 2019 will see the launch of a new ecommerce authentication law as set out by the EU. Strong customer authentication, otherwise known as PSD2, will require all customers buying and banking online to use two-factor authentication to identify themselves, for example password and fingerprint. Enterprises around the EU are now trying to identify the banks that recognise the new law so that they can transition effectively without fines.

Imperial College London launches new international cybersecurity centre

photo4

A London-based university has announced the launch of a new cybersecurity centre which will unite the UK, US and Japan. During a launch meeting in Tokyo, proponents of the new centre said it would bring together experts in the field to tackle emerging challenges in cybersecurity. Issues that the centre will tackle involve security for large-scale events, such as the forthcoming Tokyo 2020 Olympics. The centre has five founding institutions, including the University of Maryland, Keio University and Royal Holloway.

Shoppers warned of new threat ahead of Amazon Prime Day

photo3

Cybersecurity experts have warned shoppers and companies to be careful when shopping on Amazon Prime Day this July. A prominent antivirus company has released information on a new phishing technique that hackers may be using to steal thousands of customers’ data. The phishing tool invites customers to click on a link to a website through an email, and then encourages them to enter personal data. Amazon has offered its shoppers tips to stay safe.

2018 cybersecurity investment trend cannot be matched

photo2

2018 saw a record investment in cybersecurity, according to FinTech Global. Following three large transactions in Hong Kong, 2018 saw the biggest investment in cybersecurity in history, valued at £6.9 billion. Now however, experts are saying that the same investment is not to be expected in 2019, having hit just $3.1 billion in H1. However, this is due to much smaller companies making smaller investments, rather than a downward trend in cybersecurity. 2018’s record was linked to a $500m investment from AI company SenseTime.

Cloudflare denies outage was attack

photo1

Hundreds of enterprises faced website downtime in July as it was reported that Cloudflare had experienced a major outage. Notable companies affected included Dropbox, Shopify and Zendesk, which in turn affected many businesses using their services. Content delivery network provider Cloudflare suffered two outages within the same week, and was subject to rumours that the outages were caused by a DDoS attack in China. However, the company claimed that the outages were down to a bad software deployment that was promptly rolled back. The company categorically denied an attack in their blog.

A New Approach To Passwords Security

Strong Unique Passwords Critical To Stay Safe Online Strong Unique Passwords Critical To Stay Safe Online

Passwords are the keys to your digital world

Passwords have become central to our lives. They are the keys that open the front door to our digital world, from our bank accounts to our communication accounts, our entertainment accounts to our social accounts.

While cyber breaches have increased by 75% in the last two years, Verizon reported 81% were linked to weak, reused or stolen passwords in 2017. It can go like this: a social site, hotel server, telecom service gets breached, or company staff falls victim of a phishing attack. With credentials like name, login and password, hackers can now try combinations or variations from records easily found on the dark web, onto services that most people use. As major data breaches are now recurrent, creating strong unique passwords for each account has become a critical step to stay safe online, while enabling two-factor authentication should be done whenever possible.

Unfortunately in the space of a few years, instead of needing 2-3 passwords, we now need 80-90+ passwords. Meanwhile strong passwords carry an inherent difficulty: they are hard to remember. Caught between the sheer number of passwords and the difficulty to remember them, people have increasingly looked for password managers for help.

Choosing the best password manager

There are two kinds of password managers on the market. In recent years, cloud password managers have become popular. You only need to remember a master password. Once you type in your master password, you can access all your passwords which are stored on the cloud. While it is convenient, the risk is the same as if you had one single key that opens everything in your physical world. Because your passwords are now centralised behind a single password, that password becomes your single point of failure. If you forget that master password, lose it, or it gets stolen, you risk losing everything. The other important issue to note is that you store your passwords in the same servers as millions of other people. Not only those constitute a targeted prize for cybercriminals and hackers, but if and when they get hacked, millions of people are instantly affected.

More recently, we found another way to solve the identity and access management headache. It starts with a radically different approach: rather than centralising passwords, the solution is based on a fully distributed risk-model. Instead of storing passwords on the cloud, encrypted passwords are saved locally on the device. Instead of storing all passwords behind a master password, each password is stored under one, two or three levels of security depending on their sensitivity. And instead of remembering a master password, each user accesses their passwords with a unique combination of finger print, pin, lock pattern, face ID and voice passphrase. Simply put, if your account email and password are leaked in a company data breach, your other accounts remain unaffected.

A trip back in time

If necessity is the mother of all invention, a trip back in time inspired the solution. A few years ago while visiting the ancient Greek city of MyCena, a simple logic applied in the Late Bronze Age caught my attention. The MyCena eans had built their city inside three concentric walls of protection: the first gate protected the city, the second gate the garrison, the third gate the king. Applying that logic, MyCena Password Fortress mobile application was launched with the mission to make passwords security as simple as possible. First the app helps you generate a strong unique password for each account, removing the pain of creating a new one yourself. Then you choose to save the password in Bronze, Silver or Gold level, our three levels of security. That’s all! Your password is saved, encrypted on your device, not on the cloud. You – and only you – can access your passwords quickly and safely. MyCena can also be used on multiple devices. And if you ever lose your device, a thief couldn’t access your passwords without your identifications including your biometrics, while you can simply reload your passwords onto a new device from an encrypted backup. In both an innovative and straightforward way, MyCena restores passwords original function as an identity proof: only the person with the right password for that particular account can see what’s behind it.

Protecting our critical data

Even though everyone needs to protect their passwords for their personal and family safety, MyCena primarily targets organisations holding sensitive information where a data breach would affect us all, such as defence, police, government, energy, water, utilities, infrastructure, technology, banking, healthcare, pharmaceuticals, transport, law…

MyCena is a mobile application for smartphones and tablets, downloadable from the Appstore or Google Play. Companies can sign up for a free trial on https://mycena.co