Could Payment Processing Speed Up?
December 10, 2019The Beginnings Of RFID Technology
December 23, 2019PCI Compliance is very important. You cannot stay in business long by not maintaining compliance. If you don’t it will catch up to you and the results will not be good. Now of course no one wants to get hacked and suffer a data breach and according to Microsoft there is one piece of technology that can help to avoid 99.9% of all hacks via account takeovers and brute force attacks.
Sounds good doesn’t it and the best part is it is not hard to implement.
Multi-Factor Authentication
Multi-Factor Authentication is not a new piece of technology. It has been used for several years already and that time has given enough data to allow Microsoft to state that the usage of this technology alone has blocked 99.9% of all account takeovers via brute force attacks.
It works by incorporating another verification method to authenticate a user besides just a password. This could be as simple as a secret question or it could be much more complex like texting a user a one-time SMS code. It provides an extra layer of security for the user to prove that they are the correct person.
Growing In Popularity
Following the rash of data breaches in 2016 Microsoft first began to prevent users from using passwords that were found on the list of most commonly used passwords. While that helped prevent many attacks there were still many successes. It was determined that passwords simply did not matter. Why? Computers were able to brute force guess a password reasonably easily and the level of sophistication of attacks like phishing or malware on users led to many simply giving their password to the attacker. Throw in the fact that many users reuse the same password and it was a recipe for disaster.
Microsoft looked to another technology giant for an answer and that was Google. Google had allowed users to add a recovery phone number to their account. This action alone was found to block all automated bot attacks, 99% of bulk phishing attacks and 66% of targeted attacks. Microsoft took it a step further and incorporated Multi-Factor Authentication and it has grown from there.
Not Perfect But Better
Now of course Multi-Factor Authentication will not stop every attack but by being forced to enter an SMS code from the recovery number listed on file an attack can be stopped since the attacker does not have access to that number. By having to enter a secret question the chances of a bot correctly guessing it are remote and the chances of a human attacker knowing are also small. Even if a crook is able to get your password there is still that extra layer of security in place to keep them out. It will not stop every attack but it can stop most of them.
Multi-Factor Authentication can be incorporated by more than just the tech giants. You too can use it for your website or ecommerce platform and it can be as simple as installing a plugin. An extra step will be required for users to set up but since this has been put into place on other websites chances are those users are already familiar with it and will appreciate the extra layer of security. Your website or ecommerce platform have valuable information on them and they should be guarded. Now you have another tool in your toolbelt to do so.