Yearly Archives: 2016

Security-Hackers-Black-Friday-Thanksgiving

Black Friday: Hackers are Shopping too!

Phone: Charged.
Cards: Ready.
Game: ON.

It’s “Black Friday”.

But wait before you dive in, make sure you’re staying safe while you shop, and these days it means protecting yourself from online theft.

Black Friday is one of the biggest shopping days of the year (137M shoppers expected this year during the four happy days of Black Friday sales), with consumers expected to spend over $3B on the day this year – a lot of money and personal data that could be snatched up by the hackers. Our Vice President – Products, Deepak Panigrahy, enlists few ways to shop safely and cautiously.

  • Use Credit Card instead of Debit Card: In comparison to Debit Cards, Credit cards offer users more protections if the card is compromised, and won’t impact your checking account during the holiday season if there’s an issue.

Never provide your banking or credit/debit card information over an unsecured public WiFi network.

  • Avoid Using IoT Devices to Pay: IoT attacks were remarkable not only for their size, but also for the source and nature of the traffic they used. Recent studies have found that a malware, called Kaiten, which targets home routers and Internet of Things (IoT) devices, has now been released to the world at large, under the name Mirai, and targets more than 60 default username and password combinations.
  • Don’t Use the Same Password for Everything: Despite the best efforts of biometric and other security companies like ours, the main method of authentication for online or mobile purchases is still passwords.

Do not use the same password for all online purchases.

  • Beware of Email Receipts for Unrecognized Purchases: Phishing emails have been around since email, and they still continue to “work”.

Shop only at credible, reputable websites, and look for URLs that start with “https”, which are more secure than “http” sites. Remember, Hackers often use “can’t miss” deals to lure unsuspecting customers and collect credit card or financial information.

Remember—hackers are shopping today too along with you. Stay safe, and good luck! Happy Thanksgiving!

Fin5ive Winners at BankTech Asia 2016

EZMCOM – Fin5ive Winner for Mobility / Mobile VAS

It is pleasure to announce that EZMCOM won the Best Mobility / Mobile VAS startup at BankTech Asia Conference 2016, emerging as the Fin5ive Winner at the conference. The team got an opportunity to present its new generation mobile based “Fusion Biometric Authentication with ID Proofing”. The ID Proofing through smartphones has been widely appreciated with multiple PoC and pilot requests in government and banking sectors in Malaysia, Vietnam, Indonesia, Philippines and Sri Lanka. Below are some pictures from the event.

Fin5ive Award Presenting Fusion Biometric Authentication with ID Proofing EZMCOM Booth at BankTech Asia EZMCOM Booth

Our CTO, Anupam Ratha, presented the new revamped product pitch. Our Vice-President – Products & Global Business, Deepak Panigrahy was also present along with EZMCOM team members. Speaking at the conference, Anupam mentioned,

“EZMCOM is at the cusp of innovating products, bringing the real power of authentication into the hands of the consumer by authenticating users for who they are through features known as biometrics”.

While accepting the award, Deepak mentioned,

“It was a privilege to be recognised for innovation in the category of Mobility/Mobile VAS. Mobile is going to change the way we conduct our banking next few years and I am very optimistic about our biometric journey.”

About BankTech Asia

As the technological environment in this industry is extremely volatile and ever changing, BankTech Asia –Regional Series @ Kuala Lumpur will bring you the latest on what’s hot and what’s not from the industry, while displaying the state of the art banking technological elements that were utilized in creating new tools to boost customer’s banking experience.

For banks in Asia, digital innovation provides an avenue for harnessing some of the world’s fastest growth in the world’s largest markets, with the world’s most advanced technologies. 2016 will be the year that looks not only at the future technologies but also at the application of these various tools in the banking industry to take it into the future in order to become a truly digitized industry.

Winner of BankTech Asia 2016

EZMCOM: Winner of BankTech Asia 2016 Matchi Challenge

Winner of BankTech Asia 2016
EZMCOM wins the Matchi Challenge for BankTech Asia

EZMCOM has emerged as the winner for BankTech Asia 2016 Matchi Challenge, winning a critical demonstration time slot in front crucial stakeholders of Asia.

Thank you Matchi and Thank you Judges for selecting us winners in the Mobility/Mobile VAS category.

We look forward to welcome and visit us to know more about Mobile Biometric Authentication with ID Proofing at:

Booth No: 13

Venue:Connexion Conference & Event Centre, Kuala Lumpur, Malaysia

Date: November 8 – November 9

Live Demo Time: 11.35 am – 12.20 pm, November 8

Matchi Announcement of Winners: https://matchi.biz/news/34-matchi-en-gb/news-en-gb/630-banktech-asia-fin5ive-challenge-winners-announcement.html

BankTech Asia 2016 Conference Website: http://www.banktechasia.com/regional-series-kuala-lumpur/

EZMCOM Biometric Authentication

Money 20/20: Biometric Digital Security

EZMCOM Biometric Authentication
EZMCOM Biometric Authentication

We missed “Money 20/20” this year but we could not stay away from the excitement and enthusiasm generated for the “Future of Biometric” in banking and financial firms.

Digital Identity and Digital Security has been the spotlight in 2016 and we anticipate that the curiosity and adoption is going to take leap steps forward in 2017 and 2018.

Username and passwords are the most prominent but just like some of our fellow competitors such as Daon, Nok Nok Labs and BehavioSec, we envision a world where username and passwords can be replaced by different biometric mechanisms, both physical (face, voice, fingerprint, iris) and behavioural (cognitive fingerprinting such as keyboard dynamics, mobile gestures, location, velocity, device fingerprinting).

In today’s world, when banks adopt strong customer authentication, they not only incur significant costs but also impact the quality of user experience adversely. We hope that in coming days biometric authentications would be able to address this problem, thereby, bringing the much needed right balance to strong customer authentication. Mobile has emerged as the most preferred mechanism right from the introduction of TouchID by Apple. A mobile’s basic features such as camera and speaker can be used for face and voice authentications respectively while enhanced features such as telemetry can be used in terms of location and other behavioural signals.

In July 2016, the Federal Financial Institutions Examination Council recommended that banks and financial institutions replace conventional one-factor authentication mechanisms, such as usernames and passwords, with secure biometric mechanisms. In October 2016, UK banks were slammed for lack of adequate strong customer authentication.

At EZMCOM, we are excited about the Biometric and Behavioural Authentication and we are confident that banks and financial institutions would go for user convenience with security oriented products. Digital is the future and while embracing digital, one cannot adopt the conventional security or stay away from bringing the security solutions with quality of user convenience in mind.

 

EZMCOM: Finalist for India Fintech Awards

Glad to announce that EZMCOM has been selected as the finalists in the Corporate Category for India Fintech awards. EZMCOM would be pitching alongside other finalists, CustomerXPs, BankBazaar and FreeCharge.

We will be keenly looking forward to present EZMCOM’s Fusion Biometric Authentication, a powerful and effective user-friendly yet secure Facial and Voice FIDO-compliant mobile SDK in November.

To take a sneak peak, take a look at our Introductory Video below:

EZMCOM wins Top100 Africa FinTech Award

EZMCOM – Top 100 Africa FinTech

EZMCOM wins Top100 Africa FinTech Award
Ezmcom 2016 Africa FinTech Top 100 Award

EZMCOM has been selected as the Top 100 Africa FinTech Firm. We thank judges, our customers, mostly prospects, and our partners to vote for us and make us one of the Top 100 FinTech firms.

Our Risk based Fusion Biometric Authentication (Face, Voice & TouchID) and User and Entity Behaviour Analytics (UEBA), in addition to existing Multifactor and Risk based Adaptive Authentication stack, provides a complete suite of authentication for Banks and Enterprises alike.

We will continue to work hard to bring innovative products with an extremely strong Behavioural Authentication Roadmap.

Thank you once again, Africa. For details about us, you can write to us at sales@ezmcom.com

Ezmcom adds RuPay Support

Ezmcom Announces Release of RuPay PaySecure in its 3D Secure Authentication Platform

Ezmcom adds RuPay Support
Rupay Support in EZMCOM ActiveAccess 3D Secure Authentication

EZMCOM announces the release of ActiveAccess version 7.1 and support for RuPay PaySecure in collaboration with GPayments

Following collaboration with its partner, GPayments, EZMCOM Inc is pleased to announce support for RuPay PaySecure, within its Issuer Authentication platform, ActiveAccess. Launched by the National Payments Corporation of India, RuPay PaySecure is a Two-Factor Authentication (2FA) solution for eCommerce transactions for the Indian domestic card scheme, RuPay.

EZMCOM would be the preferred implementation partner for of ActiveAccess v7.1, requiring RuPay PaySecure support in India.

“We are very pleased to form a strategic partnership with GPayments in India. By combining EZMCOM’s expertise and security stack of Multifactor Authentication (MFA), User Entity Behaviour Analytics (UEBA) and Risk Based Adaptive Authentication (RBAA) to improve secure user experience, with GPayment’s vision of entering the Indian market, we can define exciting new opportunities for cost effective, yet secure, Card Not Present Transactions, involving RuPay, Visa, MasterCard, JCB and AMEX.” said Deepak Panigrahy, Vice President, Products of EZMCOM Inc.

GPayments commented: “As we enter the Indian market, we understand the need to support RuPay to match the expectations of countries like India as it they becomes digital countries. Our support for RuPay represents our belief that the future potential of Card Not Present transactions in India is vast bright and requires a very cost effective and secure operating model as both transaction volumes increase and real-time risk based authentication becomes a necessity for supporting eCommerce business. We are very pleased to be working with EZMCOM, in this development, recognising them as market leaders in security and authentication in the region.”

About Ezmcom

EZMCOM is a security access provider for innovative and easy-to-use technology that can be deployed to protect users, data, and applications from credential theft, account takeover and breaches. EZMCOM is working with companies worldwide to change the way we authenticate and authorize – across mobile devices, servers, workstations within enterprise and cloud services. With over 50 million end users protected, EZMCOM’s multilayer multi-factor identity protection solution profiles online identities, self learns, tunes itself, and converts existing username and passwords into very strong credentials. All of this is done seamlessly, in real time, transparent to end-user. The solution comprises of a multi-layer defense-in-depth stack of Entity User Behavior Authentication (EUBA), Risk Based Authentication and a comprehensive suite of strong authentication form factors comprising of Software & Hardware based OTP, eSignature Tokens, Software & Hardware PKI Tokens, Out-of-Band OTP Tokens over Text message | E-mail | Voice | Mobile Push notifications.

For any queries on 3D Secure Authentication, please write to us at sales@ezmcom.com

RIP SMS OTP

NIST: Time for SMS OTP Tokens to “RIP”

RIP SMS OTP
SMS OTP to be dropped from standards

National Institute of Standards and Technology (NIST) is an agency of the U.S. Department of Commerce and one of the nation’s oldest physical science laboratories.

An upcoming pair of “special publications” from NIST know as its official communiques have updated its recommendations for a host of authentication and security issues, and the documents are up for “public preview”. In its publication up for review, NIST active discourages using SMS as an “out of band authenticator” — essentially, a method for delivering a one-time use code for 2FA.

… If the out of band verification is to be made using a SMS message on a public mobile telephone network, the verifier SHALL verify that the pre-registered telephone number being used is actually associated with a mobile network and not with a VoIP (or other software-based) service. It then sends the SMS message to the pre-registered telephone number. Changing the pre-registered telephone number SHALL NOT be possible without two-factor authentication at the time of the change. OOB using SMS is deprecated, and will no longer be allowed in future releases of this guidance…

NIST recommends the use of alternative dedicated 2FA mobile apps. It adds that there are plenty of options — SMS was just the easy one!

EZMCOM Inc provides innovative multi-layer multi-factor identity protection solution including emerging behavioural and risk fusion biometric authentication form factors. Powering more than 300+ Customers, including 40+ banks across the world, Ezmcom powers authentications for 50M+ end users daily.

Contact us on info@ezmcom.com or call +1 (510) 396 3894 (USA/CANADA) / +60 12 570 1114 (ASEAN/ANZ) / +91 (776) 082 5225 ( APAC/EMEA)

Initially, the information appeared in an article at TechCrunch.

Ezmcom-DataWide

Ezmcom expands in Kingdom of Saudi Arabia with partnership of Data-Wide

Ezmcom-DataWide
Ezmcom-DataWide Partnership Announcement

Ezmcom Inc (EZMCOM) announces a new partnership today: Data Wide (DW), an IT and Information Security firm, has joined the Ezmcom Partner Program. DW will now offer Ezmcom’s complete suite of Multifactor Authentication (MFA/2FA), Risk based adaptive authentication (RBAA), 3D Secure Authentication, Innovative Display Credit and Debit Cards, PKI Digital Signatures and Digital Document Verification solutions and associated services to its clients.

As a partner of Ezmcom, DW will expand its service offering and commitment to excellence in service and support through Ezmcom. DW and its clients will get both the best of breed technology and the best in network solutions—continuing to ensure that their customers get the proper solutions that fit their business needs.

“Partnering with Ezmcom brings our clients the solutions, resources and expertise they need to navigate today’s complex information security landscape through well balanced user convenience”, said Mohammed Omer Farooq, Director for DataWide. “Ezmcom has been innovating its product and service suites to meet market demands and is dedicated to the customer experience; this shared philosophy makes our partnership a natural fit”.

 

Deepak Panigrahy, Vice President of Ezmcom commented, “We are very excited to welcome DataWide, the Kingdom of Saudi Arabia’s leading Information Security provider, as our partner in KSA and we believe we would bring more happiness to the customers in Kingdom of Saudi Arabia together and help security become the business enabler with our products the customers need and desire, the networks and associated access they require and the service experience they deserve.”

 

To learn more about Ezmcom’s Partner Program contact us at sales@ezmcom.com

To learn more about Data Wide, contact the team at info@data-wide.com

About Ezmcom Inc

EZMCOM is a security access provider for innovative and easy-to- use technology that can be deployed to protect users, data, and applications from credential theft, account takeover and breaches. EZMCOM is working with companies worldwide to change the way we authenticate and authorize – across mobile devices, servers, workstations within enterprise and cloud services. With over 60 million end users protected, EZMCOM’s multilayer multi-factor identity protection solution protects online identities, self learns, tunes itself, and converts existing username and passwords into very strong credentials. All of this is done seamlessly, in real time, transparent to end-user. The solution comprises of a multi-layer defense-in-depth stack of Entity User Behavior Authentication (EUBA), Risk based Fusion Biometrics (Face+Voice), Risk Based Adaptive Authentication, Risk Based 3D Secure Authentication (verified by VISA, MasterCard, JCB and AMEX) and a comprehensive suite of strong authentication form factors comprising of Software & Hardware based OTP, eSignature Tokens, Software & Hardware PKI Tokens, Out-of-Band OTP Tokens over Text message | E-mail | Voice | Mobile Push notifications.

The Product is “Common Criteria” Certified and meets all regulations and compliance across the world.

About DataWide

Data Wide is a renowned Information technology company slanted towards delivering restructured IT & Information Security solutions and services to the diversified industry of the Kingdom of Saudi Arabia. Because of Data Wide’s cutting edge services in the field of IT and Information Security; it has covered the entire financial sector of Saudi Arabia securing and maintaining the most sensitive and confidential financial network of trillions of Dollars.

DataWide and Ezmcom would be showcasing their solutions at 3rd Cyber Security Forum 2016 at Riyadh, Kingdom of Saudi Arabia on May 22-23. For details about the conference, visit the conference details at here.