Digital fingerprints are being sold in the Richlogs Marketplace according to a new report from IntSights. The report reveals thatdigital fingerprints which include the full fingerprinting of a user’s web browser and computer characteristics, allows an attacker to almost flawlessly impersonate the victim.
IntSights Exposes Top Dark Web Marketplace Selling Digital Browser Identities as the Latest Hot Commodity – Yahoo Finance: https://t.co/BPk9E0hkho #follow & #RT #cybersecurity #infosec
— KeoXes (@KeoXes) August 21, 2019
This is definitely a big threat for companies as most security tools do look at things like the type of device, browser – aside from username and password. Exposed fingerprints that include device information puts customers at risk, but we can’t forget that this digital fingerprint doesn’t include other parameters that can be unique to a user. For instance, simply looking at the regular time of the day for a user to log in, the types of activities that a user normally does within the environment, companies can start separating the stolen fingerprint from the actual user behind the device. This is even before talking about passive biometrics; the way a user types, moves the mouse, browses around the environment and also shows how they behave. These types of markets are a real threat, but if companies can look beyond those device-based parameters and start looking at how their users behave, including their passive biometric identities, they can still protect users and thwart the buyers of these digital identities.