• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Our Services
  • Contact Us
  • Newsletter
  • Top Nav Social Icons

FindBiometrics

FindBiometrics

Global Identity Management

  • Biometrics
    • What are Biometrics?
    • FAQ
    • Biometric Associations
    • Companies
    • Premier Partners
  • News
    • Featured Articles
    • Interviews
    • Thought Leadership
    • Podcasts
    • Webinars
    • Year in Review
  • Applications
    • Biometric Security
    • Border Control and Airport Biometrics
    • Consumer and Residential Biometrics
    • Financial Biometrics
    • Fingerprint & Biometric Locks
    • Healthcare Biometrics
    • Justice and Law Enforcement Biometrics
    • Logical Access Control Biometrics
    • Mobile Biometrics
    • Other Biometric Applications
    • Physical Access Control Biometrics
    • Biometric Time and Attendance
  • Solutions
    • Behavioral Biometrics
    • Biometric Sensors and Detectors
    • Facial Recognition
    • Biometric Fingerprint Readers
    • Hand Readers & Finger Scanners
    • Iris Recognition
    • Biometric Middleware and Software
    • Multimodal Biometrics
    • Physiological Biometrics
    • Smart Cards
    • Vein Recognition
    • Voice and Speech Recognition
  • Stocks
  • Events
  • Directory
  • Podcasts

FIDO Emphasizes Need For Strong Authentication in Wake of Timehop Breach

July 23, 2018

Timehop Data Breach Yields Valuable Lessons: FIDOEarlier this month, the company behind Timehop, a social media ‘time capsule’ app that shows users their older posts, revealed that it had suffered a data breach affecting 21 million users. And while the attack was not particularly exceptional as far as data breaches go, it nevertheless offers some food for thought, as FIDO Alliance Executive Director Brett McDowell points out in a new post on FIDO’s website.

McDowell begins his analysis by emphasizing the preventive benefits of multi-factor authentication. Like so many other organizations, Timehop announced that it had implemented such security after the hack attack – a prudent move with respect to future security risks, but one that was obviously taken a little too late.

But it’s the attack’s position within a larger regulatory framework that prompts a more incisive insight from McDowell. As he points out the July 4th attack occurred after the full implementation of the European Union’s General Data Protection Regulation. Under the GDPR rules, organizations are compelled to “demonstrate to regulators you had taken risk-appropriate measures ahead of any data breach incident,” McDowell notes. What’s more, any organization that processes payments for customers in the EU is required by PSD2 – another EU regulation – “to provide Secure Customer Authentication for those transactions, which explicitly requires at least two of the three factors of authentication: something you know (like a password), something you are (like a biometric), and/or something you have (like a cryptographic signature from a trusted device).”

In other words, it seems likely that Timehop should have implemented stronger security in the first place, security that might have prevented the July 4th hack attack. But with over half of businesses admitting that they don’t fully comply with EU regulations, according to a recent Gemalto study, this is a message that should be heeded by many more organizations beyond Timehop.

—

(Originally posted on Mobile ID World)

Related News

  • Biometric Authentication is Key to Success in a Post PSD2 Landscape: ReportBiometric Authentication is Key to Success in a Post PSD2 Landscape: Report
  • W3C Dubs FIDO’s WebAuthn Specification an Official Web StandardW3C Dubs FIDO’s WebAuthn Specification an Official Web Standard
  • Amid GDPR’s Implementation, FIDO Celebrates GrowthAmid GDPR’s Implementation, FIDO Celebrates Growth
  • FIDO Unveils New Website and Compliance Symbol for Passwordless AuthenticationFIDO Unveils New Website and Compliance Symbol for Passwordless Authentication
  • Here’s a Look at the Keynote Lineup for the FIDO Alliance’s Authenticate ConferenceHere’s a Look at the Keynote Lineup for the FIDO Alliance’s Authenticate Conference
  • Nok Nok Labs to Boost BBVA’s Mobile SecurityNok Nok Labs to Boost BBVA’s Mobile Security

Filed Under: News Tagged With: biometric authentication, digital security, European Union, FIDO, FIDO Alliance, GDPR, hack attacks, multi-factor authentication, multi-factor security, PSD2, regulations, Timehop

Primary Sidebar

Iris ID

Read the Latest 2020 Year in Review Analysis:

IDEMIA big box

Sponsored Links

AU10TIX, an identity management company headquartered in Israel, provides critical, modular solutions to link physical and digital identities so that companies and their customers can confidently connect.

CMITech is a leading provider of high performance, cost effective iris recognition systems. The company is setting the industry standard for advanced user interfaces that are fast, intuitive and effortless. Serving enrollment and authentication solutions of all sizes, CMITech systems include binoculars-type, wall mount, desktop, and kiosk-type product configurations.

Onfido is building the new identity standard for the internet.Our AI-based technology assesses whether a user’s government-issued ID is genuine or fraudulent, and then compares it against their facial biometrics. That’s how we give companies like Revolut, Zipcar and Bitstamp the assurance they need to onboard customers remotely and securely. Our mission is to create a more open world, where identity is the key to access.. For more information, please visit
www.onfido.com
TECH5 is an international technology company headquartered in Geneva, Switzerland, with branches in the US, Europe and Asia, dedicated to the design, development, and distribution of biometrics-driven Identity Management solutions. Target markets include Government and Private sectors with products powering Civil ID, Digital ID, eKYC, Digital Onboarding, Visitor Management and others. Learn more:
www.tech5.ai
ThreatMark brings trust to the digital world by providing cutting-edge fraud prevention solutions. Major banks use ThreatMark's AI-powered technology and behavioral biometrics to build secured banking experience to precisely verify their legitimate users, seamlessly across all digital channels. All while securing the users' most precious assets and keeping the fraudsters away. Learn more:
www.threatmark.com/
Aware ABIS webinar
MobileIDWorld

Mobile ID World is here to bring you the latest in mobile authentication solutions and application providers. Our company is dedicated to providing users with the best content and cutting edge information on technology, news, and mobile solutions for your mobile identity management needs.

NEC IDelight

Recent Posts

  • Fingerprint Cards Issues Revenue Projections for Q1
  • IDEX Biometrics Makes Nasdaq Debut
  • US Army’s Biometric Wearables Study to Examine Stress of Arctic Environment on Soldiers
  • American Airlines Lets Customers Use Air Miles to Pay for COVID Test
  • Precise Biometrics Provides Matching Algorithm for Qualcomm Fingerprint Sensors

Biometric Associations

IBIA and fido
Iris ID

Tweets

Footer

  • About Us
  • Company Directory
  • Advertise With Us
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • Archives

Follow Us

Copyright © 2021 FindBiometrics