FB pixel

FBI warns MFA is vulnerable, urges biometric, behavioral authentication methods integration

FBI warns MFA is vulnerable, urges biometric, behavioral authentication methods integration
 

According to the FBI’s recent Private Industry Notice, companies should urgently integrate extra layers of biometric factors and behavior recognition checks to prevent hackers from easily bypassing multi-factor authentication security systems. The Cyber Task Force warns that bad actors have the methods to deceive token and phone-based systems through social engineering, SIM swapping, and account-takeover malware such as Muraena and NecroBrowser.

As a result, the FBI recommends not only training staff to detect social engineering schemes, but also immediately implementing multi-factor authentication that includes biometrics or behavioral authentication methods such as time of day, geolocation, or IP address.

BIO-key claims its biometric hardware and software authentication solutions can fend off attackers and help ensure system protection. The company says its authentication solutions work unrestrictedly with more than 30 fingerprint scanner models from different manufacturers.

“Biometrics should not be an afterthought in a comprehensive Identity Access Management (IAM) strategy,” said Mike DePasquale, BIO-key CEO. “It should be a core design factor in an IAM platform, for end-user authentication, provisioning and governance. BIO-key offers our customers a comprehensive set of biometric authentication options, both on-device and on-server, to meet the real needs of business users.”

The company’s biometric authentication solutions were recently chosen by more County Election Boards in Florida to enhance the identification and authentication process for staff members and volunteers managing the voting process for the 2019 regional elections and the 2020 presidential election.

In September, BIO-key introduced a Channel Alliance Partner (CAP) program for Managed Service Providers (MSPs), Security Integrators, and VARs that deliver integrated multi-factor biometric security solutions for their customers.

According to Forbes, the FBI’s recent warning is quite unexpected, as multi-factor authentication in the form of a token or code received as text on a phone has been one of the key defenses in cybersecurity and identity verification so far. Digital Barriers CEO and Founder and Forbes contributor Zak Doffman explains the shock comes from an incredibly low number of attacks targeting multi-factor authentication.

A Microsoft report he cites says “The rate of compromise of accounts using any type of MFA is less than 0.1% of the general population” because “less than 10% of users per month” secure their enterprise accounts with multi-factor authentication.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Deepfakes a ‘now problem’ as EU AI Act passes compliance deadline: Reality Defender

First it was Joe Biden, Kamala Harris and Taylor Swift. Now it’s Scarlett Johannson, Emmanuel Macron and Italy’s Defense Minister…

 

OneID raises £16 million

UK digital verification service OneID has secured new funding amid a rise of interest in digital identity among the country’s…

 

Digital ID verification can make property transactions more efficient, less prone to fraud

In the UK, Russia, South Korea, India and Pakistan, biometrics are making their way into real estate transactions, as digital…

 

IDV experts ponder death and resurrection of document verification

Is document verification dead? The question hangs over a debate hosted by Peak IDV CEO, Steve Craig. Five industry experts…

 

Jamaica operationalizing national digital ID with data exchange platform

Jamaica will make its digital identity available to all of its citizens, Custos of Kingston Steadman Fuller said on Thursday…

 

Philippines looks to boost digital ID adoption with rebrand, more services

The Philippines is hoping to boost the acceptance of its national digital identity with a new rebrand. The country is…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events