Gartner in two-factor authentication warning

By on
Gartner in two-factor authentication warning

Layer anti-fraud techniques.

Organisations must employ a multi-layered approach to fraud prevention if they are to thwart increasingly persistent hacking attacks that can now circumvent two-factor authentication devices, according to analyst firm Gartner.

In a new report released today, Where Strong Authentication Fails, Gartner recommends that organisations firstly monitor user access behaviour, by analysing all of a user's web traffic and spotting any automated programs.

Firms also need to keep an eye out for suspect transaction values, by looking at a particular transaction and comparing it to a profile of what constitutes " normal" behaviour. Out-of-band transaction verification can be used to further secure a transaction, by enabling the user to verify via a phone call.

"Fraudsters have definitely proven that strong two-factor authentication processes can be defeated," said Litan.

"A layered fraud prevention approach that includes server-based fraud detection and out-of-band transaction verification that precludes call forwarding to illegitimate user phone numbers has been proven to mitigate these threats.

"Gartner clients who have fended off such attacks have done so with either automated fraud detection or manual review of high-risk transactions."

Litan warned that while such attacks have thus far been targeted at financial institutions and their users' accounts, they are likely to "migrate to other sectors and applications" that contain sensitive data in the future.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
attacksauthenticationfraudgartnersecuritytransactiontwofactor

Sponsored Whitepapers

Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

Most Read Articles

Kmart Australia stands up consent-as-a-service platform

Kmart Australia stands up consent-as-a-service platform
NSW digital driver's licences 'easily forgeable'

NSW digital driver's licences 'easily forgeable'
Kmart Australia re-platforms ecommerce site to AWS

Kmart Australia re-platforms ecommerce site to AWS
NBN Co's 250Mbps and gigabit growth is finally clear

NBN Co's 250Mbps and gigabit growth is finally clear

Digital Nation

COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
As NFTs gain traction, businesses start taking early bets
As NFTs gain traction, businesses start taking early bets
Case Study: PlayHQ leverages graph technologies for sports administration
Case Study: PlayHQ leverages graph technologies for sports administration
The other ‘CTO’: The emerging role of the chief transformation officer
The other ‘CTO’: The emerging role of the chief transformation officer
Metaverse hype will transition into new business models by mid decade: Gartner
Metaverse hype will transition into new business models by mid decade: Gartner

Log In

  |  Forgot your password?