Bruce Schneier prescribes Transaction Authentication

PrescriptionI attended govcert.nl cyber crime symposium earlier this week with the theme “Initating Change”. I was able to listen and discuss with several of the most famous security experts. One of them was Bruce Schneier, he did a speech talking about prospect theory, and the need that we need to be technical intermediaries, hiding complex technology for the user and making it simple for him, creating high social sophistication, as we cannot educate the user.
Bruce again publicly told us that authenticating the user, is being inherently flawed, what really needs to happen is transaction authentication, meaning that the user understands what he’s consenting to. Details of the particular transaction must be understood and agreed by the customer. I fully agree with him, involving the user, and have the user to consent with details in the transaction is the future, where our technology for Transaction Authentication is named Todos Dynamic Signatures, and HHD in Germany.

Bruce continued provided several interesting insights, citing several statements from Behavioural Economy, the importance on understanding how user makes decision, and how the brain works, in order to protect financial transactions in the future.

A statement that I heard during these days was using standard two-factor authentication is: “customer present during fraud”, and: ” SSL is bank present during fraud”.

Advertisements

~ by petergullberg on October 9, 2009.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: