Tuesday 23 November 2010

The New Social Rules- Authentication is Essential

The New Social Rules - 24th November 2010

November has been non stop with Facebook launching a new service, offering email to its user base and opening more data about ourselves to a large organisation, what does this mean to The New Social Rules now?

I am looking forward to some interesting debate tomorrow with 100 people registered social media speakers from PayPal, ex Managing Director of MSN UK, Ketchum Pleon, Twitjobs and an angel investor the panel will be sharing their insights. The new rules of communication are constantly changing, social media impacts our outlook, the decisions we make now ,our future career, children and financial well being.

I urge you to take a few minute to crash through these slides on the new digital age, Tony Fish as ever has his finger on the pulse and is spot on:

'Reputation is all you have and your name is a good identity so don't abuse or loose either'

'Your digital footprint is worth more than your salary'

'Your password is the weakest point in your armour'

I will tomorrow be flying the flag for the need for communities, businesses and organisations to authenticate their users to protect not only the users but themselves.


'Don't sack the person who has the corporate login for your facebook fanpage, group, twitter accounts, linkedin profiles, until other people have access and admin rights- or you will be held hostage'

Wednesday 17 November 2010

Get Safe Online Week! in time for the Christmas Rush of Fraudsters


Get Safe Online is an annual event to raise awareness of internet safety issues.

A government initiative is reaching out to raise awareness of internet crime in consumers and small businesses through competitions, events and PR activity. The annual Get Safe Online Summit which has kicked off this week in central London.
Just in time for the busiest online sales season of the year, consumers need to take care they are on 'real' sites and not impart credit details to fake ones.
Action Fraud:launched by the National Fraud Authority (NFA), is the UK’s first national fraud reporting centre that provides a single point of contact for fraud victims where they can both report a fraud and seek guidance and advice.
Partner site: http://www.actionfraud.org.uk/

Online Christmas Shopping Tips Shoppers can make sure that gift buying online is stress-free by doing the following:

•Only deal with reputable sellers – use sites you can trust.Be particularly wary when buying from overseas. Be prepared to ask questions before buying. (Look for the LiveEnsure authenticate badge)
•Be sure you know who you are dealing with – always access the website you are planning to buy from by typing the address into your web browser. Never go to a website from a link in an unsolicited email and then enter your personal details or PIN.
•Trust your instincts – if an offer looks too good to believe then there is usually a catch. Be suspicious of prices that are too good to be true.
•Check delivery timescales and keep records – print out your order and keep copies of the retailer’s terms and conditions, returns policy, delivery conditions, postal address (not a post office box) and phone number (not a mobile number). Having this information will help if you subsequently encounter difficulties with your order.
•Section 75 protection – if you are buying something between £100 and £30,000 consider using a credit card, as you will then have extra protection through Section 75 of the Consumer Credit Act – for transactions in the UK and abroad. This states that should a problem subsequently arise, such as the company going out of business, you can claim your money back from your credit card company.
•Keep receipts and check these against your statement – if you spot a transaction you did not authorise speak to your card company immediately. If you are the innocent victim of any type of card fraud you will not suffer any financial loss.
The link above offers useful information if you are an online fraud victim this christmas.

Thursday 11 November 2010

Like Car Brakes? The Future for Security

Like car brakes? The future for security

I cannot agree more with Bruce Schneir of BT, the push for security is coming directly from consumers.Consumers assume they are secure... and now when they are not they are moving their custom.

The provider is going to be the website, application, community of whatever technology service is in operation. They will have to consider and build in the security, so seamlessly that the end user never has to think about it.This is where new technologies like LiveEnsure come into their own they are easily implemented across the consumer online experience.

I’ve talked about security being part of everything for years, I am pleased to say rising tide of user expectation is now forcing the reality. As this article from last weeks Gartner Symposium says Security will become a B2B market where security and solutions providers work together to create the magic. We are currently working with Virtual Technology Group, Global Mobile Solutions and FabriQate to make this a reality.

More and more, this makes security specifically, and IT as a whole, a utility.

Fear has been the best way to sell security.

Many vendors have tried to develop ROI models to prove value and build desire, but that’s never really worked, a great number stick with old products giving packaging and promotion regular facelifts. As the market moves to utility models like LiveEnsure, they’ll be much less need to prove the value of the “investment” as initial outlay is low.
Brands will spend the money because they have to.

In this new world we are selling reputation and the benefit of the solution, with strength of security as an assumed feature.

Just like the brakes on your car.

Inspiration taken from Ellen Ferrara who was reporting live from the Gartner Symposium/ITxpo. http://www.blog.bt.com/gartnerITxpo-cannes-2010/?p=174


To Learn more about LiveEnsure authentication for web and mobile: http://events.linkedin.com/LiveEnsureTM-Technology-Session/pub/407646

Wednesday 10 November 2010

Mash Up Security - making authentication safe for all!


On an Analyst Call yesterday our new technology, LiveEnsure™ came in the spotlight as new ways of doing things always do. We are making security available for developers to download and use without a long winded sales trail or price tag to match.

The Mash Up Question:

" I am concerned that as a mash-up - which is the combining of two different apps/services to create a new one that - this new " app" is somehow compromised because of a side door / opening created inadvertently in the process.. "

Answer:

LiveEnsure™ is a side-chain mashup, not a front-door mashup like openID, Google or Facebook login.

The communication, session and credential exchange are private to the site and LiveEnsure™, not the user. The user cannot "inadvertently" do anything outside or beside the site/app from their own volition. In addition, the ONLY the the user does is react and respond to the challenge, they are not initiators.

The process of authentication with LiveEnsure™ is a multi-factor "verification" of the primary "identification" process already resident in the existing site or app.

LiveEnsure™ does not "identify" users, which removes all possibility of false positives/negatives, or "letting someone in via side/back door".

The site identifies, we authenticate. We step outside the browser, app or session in a side chain, and merely verify the credentials of the site or app, session, device and user. The site then polls LE directly (outside of the user communication at either the site/app or Live endpoint) for authentication status. Status is not propagated or forced up the chain from LE to the site or user, thus also prevent unrequested or illegitimate status notification and possible bypass, hack, spoof or replay.

For these two fundamental reasons, LiveEnsure™ is:

a) additive security, not replacement or reduction (in the case of backdoor, "other" way in)
b) completely under the control of the site at all times, as there is no user session sharing or user initiation capabilities
c) side-chain logic, vs. front door, side door or back door "identify/detect" logic, thus immune to brute force
d) only adding security by its presence, not removing it by its absence (above what was initially there, i.e. user/pass, OpeniD, sso, etc).

LiveEnsure™ affordable, accessible authentication for web and mobile.

http://www.liveensure.com/

Cast your vote for LiveEnsure in the mashable awards... best newcomer: