Heading into the holiday and online shopping season, we will undoubtedly see news headlines dominated by security and data breaches. Looking back on the year past, it is safe to claim 2014 as the “Year of the Data Breach,” yet I struggle to see a brighter future for 2015.
When looking broadly at the current state of cyber security, it is as if we haven’t yet learned from past experiences. It’s as if Target, Home Depot and others were simply flukes in what is otherwise a safe and secure world. As we draw closer to the holidays, it’s clear to see that retailers have not taken the proactive steps needed to protect their patrons, sticking with legacy payment systems and security protocols, likely leaving customers out in the cold.
Featured Download: Social media access at work. Do your employees know the rules?
Companies have dropped the ball far ahead of New Year’s Eve by failing to secure patrons. Whether it be Black Friday, Cyber Monday or last minute gift purchasing, millions of people may unwillingly be putting their identity, credit and money in the hands of cyber criminals. So how do we keep shoppers safe from cyber attacks? We give control back to the user. While consumers cannot easily control the way companies structure their internal security protocols, the use of user authentication enables them to stake a claim in the protection of their identity, payments and data interactions.
Up to now, the industry has approached security incorrectly and irresponsibly. We’ve made great progress in the use of fingerprint technology, but the cost of the phones that use it eliminate most of the user base. What we need is for the industry to accept and adopt a solution that stops focusing on firewalls, tokens and powerful encryption. Rather, we need the industry to take a look at what will best protect users – the users themselves.
Authentication is a very private, personal and interactive experience that takes place numerous times a day on behalf of each and every user. It’s not a password, widget or token but rather an individual statement of expression, authenticity and control playing into a user’s very essence online. It’s not about the technology; it’s about the person. It’s not the cloud; it’s the crowd.
With the level and number of threats we face today, shoppers cannot be left vulnerable while zero-day attacks take place, causing what is often a 100-day response from companies that in return install additional, useless security software. Nor can the majority of shoppers have their security ignored in favor of those who can afford the latest phones with slightly better security technology. Privacy is a basic human right and one that deserves a proactive, dynamic approach deployed by companies who depend on people flocking to their stores. We must combat this by thinking and acting differently.
‘Tis the season for giving, but let’s not give away our personal data.
About LiveEnsure
LiveEnsure® is the interactive authentication innovation company. We develop mobile security for cloud, web and apps on Apple iOS, Google Android and Windows.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.