News & Comment: Online generators… of dashed expectations
Online generators… of dashed expectations
Online generators… of dashed expectations
Quite recently, we started to designate an entire class of sites — gift card generators — as fraudulent, despite their not stealing any money or personal data from visitors. Why? Let’s try to unpick these sites and see how they work.
COMMENT:
Robert Capps, Vice President of Business Development, NuData Security, a Mastercard company:
“This sort of bait-and-switch fraud existed long before the internet. But today it is more far-reaching by digitally piggybacking on the brand reputation of other companies to lure victims. This is why so many organizations who transact with customers online – from the banking and finance sector to eCom and major retailers – are layering in advanced security solutions, such as passive biometrics and behavioral analytics.
“Security-minded merchants and financial institutions are incorporating passive and active biometrics and behavioral analytics to verify customer identities online. By analyzing hundreds of indicators derived from the user’s online behavior, companies don’t have to rely on passwords, payment data, and other leaked information to make an authentication decision. Hackers can’t mimic that passive biometrics data, so even if a customer’s personally identifiable information has been stolen during a phishing attack, that information is not enough to commit fraud.”
Hugh Taylor
Hugh Taylor is a Certified Information Security Manager (CISM). In addition to editing Journal of Cyber Policy, he writes about cybersecurity, compliance and enterprise technology for such clients as Microsoft, IBM, SAP, HPE, Oracle, Google and Advanced Micro Devices. Prior to launching his freelance writing career, he served in executive roles at Microsoft, IBM and several venture-backed technology startups.