Thursday, October 4, 2007

Yahoo, PayPal, eBay acting for Authentication Technology


Yahoo Inc., eBay Inc. and PayPal have joined forces to protect customers against fraudulent e-mails and phishing attacks with the implementation of new authentication technology.


From today, eBay and PayPal customers worldwide using Yahoo! Mail and Yahoo!7 Mail in Australia can expect fewer fake e-mails claiming to be sent by eBay and PayPal. Yahoo! Mail is the first Web mail service to block these types of malicious messages for eBay and PayPal through the use of DomainKeys e-mail authentication technology, which is already available in Yahoo!7 Mail.


The technology upgrade will be rolled out globally over the next few weeks to users of the service.


PayPal CISO, Michael Barrett, said the adoption of digital e-mail signing technology and the aggressive collaborative stance being taken by all three companies is a significant step forward in the fight to protect customers against e-mail based crimes. "While the battle against phishing and identity theft scammers will continue to require a multi-faceted approach, today's announcement demonstrates the power of DomainKeys and the security benefits to be gained by e-mail users worldwide," Barrett said.


PayPal operates more than 153 million accounts in 190 markets and in 17 currencies around the globe.


Both eBay and PayPal are early adopters of DomainKeys technology. It provides a unique way to verify the authenticity of e-mail messages, allowing Internet Service Providers (ISPs) to determine if messages should be delivered to a customer's inbox.


The collaborative effort between Yahoo!7, eBay and PayPal will block unauthenticated e-mail, reducing the volume of counterfeit e-mail and lowering the risk of unauthorized account activity and identity theft due to phishing attacks. eBay CISO, Dave Cullinane, said through cooperation the industry can collectively stamp out phishing and other e-mail scams.



Why 'authentication' technology can help your business


Today, more than ever, protecting one's electronic identity has become a top priority


And well it should. As identity thieves and computer hackers devise increasingly- sophisticated methods to steal confidential data, computers users must take greater precautions to protect their vital information.


With so much at stake, more than antivirus software and system patches are needed. Authentication technologies - and you - can help. As a financial advisor to small businesses, you have a unique opportunity to educate clients about available technologies that can validate the security and integrity of their confidential information. You may also want to implement these technologies at your office to better protect your clients' information, too.


While authentication technology has been around since the early days of computing, increased awareness due to more information security threats and greater affordability are pushing the use of these technologies to the forefront. In simplest terms, authentication technologies help to ensure an individual is who they claim to be. They "authenticate" or validate an individual's identity and control access to resources in three broad categories: something you know, something you have and something you are.


While authentication technology has been around since the early days of computing, increased awareness due to more information security threats and greater affordability are pushing the use of these technologies to the forefront. In simplest terms, authentication technologies help to ensure an individual is who they claim to be. They "authenticate" or validate an individual's identity and control access to resources in three broad categories: something you know, something you have and something you are.



Something you know: passwords


Passwords are the least expensive and most common type of authentication technology. Based on "something you know," passwords require a user to remember a string of characters and enter this information to gain access to a desired resource. Unfortunately, passwords are also one of the weakest forms of authentication technology, most often because of the users themselves. Passwords that are shared, left blank, unchanged for long periods of time, reused across multiple accounts or overly simplistic, leave the user at risk to even the most novice identity thief or simple hacking tool. Ultimately, passwords should continue to play a role in user authentication, but should be used in conjunction with other technologies for adequate security


Passwords are the least expensive and most common type of authentication technology. Based on "something you know," passwords require a user to remember a string of characters and enter this information to gain access to a desired resource. Unfortunately, passwords are also one of the weakest forms of authentication technology, most often because of the users themselves. Passwords that are shared, left blank, unchanged for long periods of time, reused across multiple accounts or overly simplistic, leave the user at risk to even the most novice identity thief or simple hacking tool. Ultimately, passwords should continue to play a role in user authentication, but should be used in conjunction with other technologies for adequate security




Technorati :

No comments: