Yesterday at MWC, alongside Executives from McAfee and Twilio, Callsign joined a discussion about maintaining consumer trust in a digital economy.
One of the topics raised was whether consumers need to take more responsibility in terms of keeping themselves safe online. Ultimately it is the consumer who is the weakest link in security – but can we go as far as to say that consumers are stupid?
Experts Comments below:
Zia Hayat, CEO and Founder at Callsign:
“Secondly, consumer expectations are very high. They presume the businesses that they engage with online will enforce the necessary security measures in place. In the same way a consumer believes they are paying a bank to keep their money safe in a physical vault, why should they have to think about the security of their retail banking platform?
“It is also important to remember that children have access to the internet, and they will not have that basic understanding of cybersecurity, or what they need to do to keep themselves safe. At the same time, scammers still catch out even the most tech-savvy of us with an unfortunately high number of people falling for even the most basic phishing scams. So, there is an urgent need for additional security measures to be put in place.
“In the early 2000’s two researchers from Carnegie Mellon, decided to calculate how much time it would take to actually read every website privacy policy you should. They calculated a whopping 76 days. Since then we have dramatically increased our use of the internet, consequently consumers don’t stand a chance in being able to digest all the information required to keep themselves 100% safe online.
“What is clear is that existing security technology just isn’t serving people properly. Companies need to stop thinking people are dumb and realise that it’s them that need to adapt their technology. We are living in an age of ‘blame culture’ amongst tech companies, but they need to wake up and take responsibility now.”
Professor Steven Furnell, Senior IEEE member and Professor of Information Security at University of Plymouth:
“While we see biometrics readily being used on mobile devices, they are not perfect and all of them still need a knowledge-based approach as a fallback. However, they are getting better in terms of both reliability and security – they work better for the intended users and are more resistant to spoofing by impostors.”
Professor Furnell went on to note that keeping biometric data secure is the biggest part of the challenge:
“The best approaches rely upon the biometric data itself not being shared. This is, for example, the approach that Apple has gone to great lengths to emphasise with its biometric implementations – the user’s data does not leave the device and is stored within a secure enclave within the processor, meaning that local apps don’t get to see it either.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.