Retail Online Integration

You will be automatically redirected to retailonlineintegration in 20 seconds.
Skip this advertisement.

Advertisement
Follow us on
Connect
Advertisement
 

The Password is …

Merchants need new authentication tactics to protect themselves from an epidemic of data breaches

April 2014 By Andreas Baumhof
Get the Flash Player to see this rotator.
 

Recent data breaches, including those of Target, Neiman Marcus, Adobe, LivingSocial and SnapChat, indicate that merely evaluating passwords isn't an effective way to protect the systems that guard online customer account information. These are high-profile examples, but in reality nearly all online merchants are experiencing an onslaught of attacks as criminals attempt to break into their systems and steal credit card and other sensitive data. Even relatively small retailers are being assaulted. For many of these businesses, unless they adopt new authentication tactics and implement better controls, it's just a matter of time until they too become a statistic.

Studies have repeatedly shown that the most damaging and expensive cyber attacks all have one thing in common: hackers defeat the system's authentication system. Today's sophisticated cybercriminals employ numerous strategies to crack, discover or steal passwords and/or login credentials. Countless victims fall prey to spear phishing and pharming attacks, as devious and cunning thieves are very good at secretly deploying malicious software that's capable of capturing IDs and passwords.

Although it's uncertain what percentage of malware can actually capture login credentials, most malicious programs are designed to do exactly that. With 30 percent to 50 percent of PCs known to be infected, every online business needs to take heed. Mobile devices aren't immune to malware either. Juniper Network's Third Annual Mobile Threats Report revealed that mobile malware grew by more than 600 percent during the previous 12 months.

Phishing and malware aren't the only ways credentials are obtained, however. Employees frequently share their passwords with unauthorized individuals, and weak passwords that are easily cracked or guessed are still commonly used. In spite of the emphasis placed on using strong passwords, it's estimated that over 30 percent of all passwords are very weak and easily compromised. Even stronger passwords don't necessarily equate to a safe harbor. Numerous reports released this past year have shown that most strong passwords can also be cracked by skilled cybercriminals. Research from Deloitte revealed that with the right tools and access, 90 percent of user-generated passwords can be discovered or cracked in a matter of seconds, including passwords once thought to be strong — e.g., those with at least eight characters, using both upper and lower case letters, containing at least one symbol and having at least one number.

 

Companies Mentioned:

COMMENTS

Click here to leave a comment...
Comment *
Most Recent Comments:

SPONSORED CONTENT

MORE ON E-COMMERCE >>

FROM THE BOOKSTORE

You have a worthy project AND you’ve identified a prospect with means. How do you connect the two in a way that produces a sizable gift? Jerold Panas, America’s premier fundraiser, shows you exactly how in How to Make a Case Your Donors Will Love. Making a Case Your Donors Will Love

You have a worthy project AND you’ve identified a prospect with means. How do you connect the two in a way that produces a sizable gift? Jerold Panas, America’s premier fundraiser, shows you exactly how in How to Make a Case Your Donors Will Love....

ORDER NOW

You know you need to gather donor data. But why? And more 
importantly, how? And even more importantly, what do you do with it once
 you've gathered it? Are you gathering too much? Or the wrong kind?
	This new 
	FundRaising Success
	webinar brings the case-study format of our popular Engage conference 
to an extended, value-added webinar that will dig deep and give 
nonprofits guidance on the best ways to gather and use donor information
 — as well as take the mystery and trepidation out of the whole issue.
	Featuring:
	Page Bullington, Target Analytics; Mazarine Treyz, "The Wild Woman of 
Fundraising and Social Media"; and Roger Hiyama, Russ Reid
	Duration: 75 minutes
	Cost: $19.95AVAILABLE ON-DEMAND UNTIL 9/9/14
	Click here to view this webinar today! Engage Virtual Workshop: Driving Donations with Data

You know you need to gather donor data. But why? And more importantly, how? And even more importantly, what do you do with it once you've gathered it? Are you gathering too much? Or the wrong kind? This new FundRaising Success webinar brings the case-study format of our popular...

ORDER NOW

 

SUBSCRIBE TO ROI Report

Receive our FREE Weekly
e-newsletter:
     Privacy Policy
 

RETAIL ONLINE INTEGRATION MAGAZINE:

Get Your FREE Subscription to Retail Online Integration:
July/August 2014
     Privacy Policy