News Insights: HSBC bank confirms US data breach

HSBC bank confirms US data breach

American customers’ statement and transaction histories have been exposed.

Responding to news that that HSBC bank confirms US data breach (BBC link) and Pakistani banks hit by biggest cyber attack in country’s history (SAMAA story), an expert on cybersecurity with Uniken offers perspective.

According to Bimal Gandhi, Chief Executive Officer, Uniken

“With over 5 billion credentials already compromised, it’s clear that expecting security based on passwords or knowledge-based credentials that consumers create and manage is doomed to fail. For this vicious cycle of breaches to end, the industry needs to move towards a better security model that is built on stronger omnichannel authentication mechanisms that rely on a combination of un-phishable factors that don’t burden the user, and can’t be compromised by attack vectors on the user, their devices or the network.

“While consumers are advised to not reuse credentials and create impenetrable passwords, it’s not realistic. In order for this vicious cycle of attacks to end, the industry needs to move towards omnichannel authentication mechanisms that don’t rely on credentials, and that don’t compromise the user-friendly user experience that today’s consumers expect.  

“For example, the integration of cryptographic authentication, channel security and intelligent endpoint threat detection can offer institutions, their consumers, and all in the payments ecosystem an advantageous defense-in-depth approach that migrates consumers away from easily compromised passwords and establishes trust, regardless of the channel on which the consumer transacts.  It’s time to face the fact that as a security solution, passwords are essentially obsolete.”