\n
\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n

Employee safety is a top priority in retail stores, bank branches, and similar applications. Using Bosch's method of integrating the intrusion system's panic buttons or bill trap sensors with the radio dispatch system, this can provide added security by alerting security personnel to high-risk situations.<\/p>\n\n\n\n

\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n

www.proofid.com<\/a><\/p>\n","post_title":"Ping Identity and ProofID supply identity security for Tesco Bank","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-and-proofid-supply-identity-security-for-tesco-bank","to_ping":"","pinged":"","post_modified":"2021-05-18 14:56:46","post_modified_gmt":"2021-05-18 13:56:46","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6153","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6132,"post_author":"1","post_date":"2021-05-14 16:19:02","post_date_gmt":"2021-05-14 15:19:02","post_content":"Cloud technology has been proven to help businesses remain operational during the pandemic and has helped facilitate a digital transformation process that was already underway in many sectors, including financial services. Now, as the success of the vaccination programme and drop in infection rates leads to a relaxing of lockdown regulations, retail and investment banks will be looking to help large numbers of employees back to work to resume full service.\n\nBut this gradual transition will require planning and consideration to be given to health and safety alongside the expected high levels of security. While mask wearing and social distancing measures are set to be relaxed over the coming months, it\u2019s nevertheless imperative that day-to-day business is not jeopardised by a spread of infection as a result of complacency. This is where technology has an important role to play, with benefits that will transcend the pandemic, equipping banks and financial services for future challenges.\n\nThe evolution of hosted physical security<\/strong>\n\nPhysical security too is transforming. In today\u2019s modern world, dated standalone CCTV and manually operated access barriers, are increasingly being replaced with cloud-enabled network cameras and digital access control mechanisms. Such technologies provide multiple layers of protection, both at a building\u2019s entrance and within the premises itself. The internet of things (IoT) brings seamless device connectivity and data sharing for a streamlined, efficient and intelligent security solution.\n\nTo better understand the capacity for cloud to help improve security and provide operational benefits during the pandemic and beyond, hosted security provider Morphean, commissioned a survey of 1,000 senior decision makers across the UK, Germany and Sweden. Results revealed that 51% of respondents are currently using a cloud-based video surveillance (VSaaS) and\/or a door entry\/access control system (ACaaS), and that 95% of those surveyed agree that if an existing security system could deliver insights beyond security to assist decision making it would influence adoption.\n\nImproving the management of premises and people<\/strong>\n\nIn such a high security environment, VSaaS and ACaaS can help managers to determine staff whereabouts and to know who is in the building at any one time. For example, an access control solution which is linked to an HR database can check the swipe of an access card against staff records. Surveillance cameras also provide secondary authentication through visual clarification of an individual\u2019s identity. An employee who is flagged by the system as being on leave, absent or no longer employed will trigger an automated alert to relevant personnel, who can take swift action.\n\nWith concerns turning to the potential spread of Covid-19 variants, frictionless access control mechanisms ensure a fast and hands-free method of admitting staff to the premises, using surveillance cameras, QR codes, or mobile phone identification to avoid the touching of shared surfaces, minimising cross infection risk. IP audio equipment that is connected to the surveillance system can be used to issue messages, either pre-recorded or in real-time, to remind staff of the importance of maintaining a safe distance from each other and configured to trigger an automated warning message while simultaneously making security personnel aware of any situation.\n\nUnlocking powerful operational insights<\/strong>\n\nEnsuring that only staff who are necessary for day-to-day operations are on site is a sensible way to further minimise infection risk. Remote monitoring and operational insights can be employed to check premises via tablet or mobile, removing any need to enter a site unnecessarily. In fact, access from any location (32%), remote maintenance (31%), and the ability to monitor empty sites (29%) were all identified as key benefits of introducing VSaaS and ACaaS, alongside better security (40%) and better functionality (33%). VSaaS and ACaaS include regular software updates and firmware upgrades, resulting in a solution that is always online and always up to date.\n\nVSaaS and ACaaS are based on a pay-per-use business model which means that systems can be easily scaled up or down in accordance with customer requirements, while monthly recurring payments remove the need for large upfront capital expenditure. Partnering with a trusted physical security provider will ensure delivery of a future-proof system that\u2019s capable of high levels of security while unlocking powerful business intelligence. Managers will benefit from insight into staff movement around the premises and adherence to health and safety protocols for complete peace of mind.\n\nThe evolving threat landscape and the broad range of challenges that the future will bring is something that all companies must consider. Fortunately, cloud-enabled physical security now appears to sit firmly on the agenda. For the banking and finance industry, VSaaS and ACaaS provide a flexible security and business solution that will enable them to meet ever evolving demands and confidently face the future.\n\nFor further insights on VSaaS and ACaaS adoption in Europe, download Morphean's whitepaper:\n\nLandscape Report 2020\/21: Hosted Security adoption in Europe<\/a>\n\nwww.morphean.com<\/a>","post_title":"Opinion | Improving banking security and operations through innovations in cloud","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"opinion-improving-banking-security-and-operations-through-innovations-in-cloud","to_ping":"","pinged":"","post_modified":"2021-05-14 16:19:05","post_modified_gmt":"2021-05-14 15:19:05","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6132","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6070,"post_author":"48","post_date":"2021-05-12 13:00:28","post_date_gmt":"2021-05-12 12:00:28","post_content":"\n

Employee safety is a top priority in retail stores, bank branches, and similar applications. Using Bosch's method of integrating the intrusion system's panic buttons or bill trap sensors with the radio dispatch system, this can provide added security by alerting security personnel to high-risk situations.<\/p>\n\n\n\n

\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n

www.pingidentity.com<\/a><\/p>\n\n\n\n

www.proofid.com<\/a><\/p>\n","post_title":"Ping Identity and ProofID supply identity security for Tesco Bank","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-and-proofid-supply-identity-security-for-tesco-bank","to_ping":"","pinged":"","post_modified":"2021-05-18 14:56:46","post_modified_gmt":"2021-05-18 13:56:46","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6153","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6132,"post_author":"1","post_date":"2021-05-14 16:19:02","post_date_gmt":"2021-05-14 15:19:02","post_content":"Cloud technology has been proven to help businesses remain operational during the pandemic and has helped facilitate a digital transformation process that was already underway in many sectors, including financial services. Now, as the success of the vaccination programme and drop in infection rates leads to a relaxing of lockdown regulations, retail and investment banks will be looking to help large numbers of employees back to work to resume full service.\n\nBut this gradual transition will require planning and consideration to be given to health and safety alongside the expected high levels of security. While mask wearing and social distancing measures are set to be relaxed over the coming months, it\u2019s nevertheless imperative that day-to-day business is not jeopardised by a spread of infection as a result of complacency. This is where technology has an important role to play, with benefits that will transcend the pandemic, equipping banks and financial services for future challenges.\n\nThe evolution of hosted physical security<\/strong>\n\nPhysical security too is transforming. In today\u2019s modern world, dated standalone CCTV and manually operated access barriers, are increasingly being replaced with cloud-enabled network cameras and digital access control mechanisms. Such technologies provide multiple layers of protection, both at a building\u2019s entrance and within the premises itself. The internet of things (IoT) brings seamless device connectivity and data sharing for a streamlined, efficient and intelligent security solution.\n\nTo better understand the capacity for cloud to help improve security and provide operational benefits during the pandemic and beyond, hosted security provider Morphean, commissioned a survey of 1,000 senior decision makers across the UK, Germany and Sweden. Results revealed that 51% of respondents are currently using a cloud-based video surveillance (VSaaS) and\/or a door entry\/access control system (ACaaS), and that 95% of those surveyed agree that if an existing security system could deliver insights beyond security to assist decision making it would influence adoption.\n\nImproving the management of premises and people<\/strong>\n\nIn such a high security environment, VSaaS and ACaaS can help managers to determine staff whereabouts and to know who is in the building at any one time. For example, an access control solution which is linked to an HR database can check the swipe of an access card against staff records. Surveillance cameras also provide secondary authentication through visual clarification of an individual\u2019s identity. An employee who is flagged by the system as being on leave, absent or no longer employed will trigger an automated alert to relevant personnel, who can take swift action.\n\nWith concerns turning to the potential spread of Covid-19 variants, frictionless access control mechanisms ensure a fast and hands-free method of admitting staff to the premises, using surveillance cameras, QR codes, or mobile phone identification to avoid the touching of shared surfaces, minimising cross infection risk. IP audio equipment that is connected to the surveillance system can be used to issue messages, either pre-recorded or in real-time, to remind staff of the importance of maintaining a safe distance from each other and configured to trigger an automated warning message while simultaneously making security personnel aware of any situation.\n\nUnlocking powerful operational insights<\/strong>\n\nEnsuring that only staff who are necessary for day-to-day operations are on site is a sensible way to further minimise infection risk. Remote monitoring and operational insights can be employed to check premises via tablet or mobile, removing any need to enter a site unnecessarily. In fact, access from any location (32%), remote maintenance (31%), and the ability to monitor empty sites (29%) were all identified as key benefits of introducing VSaaS and ACaaS, alongside better security (40%) and better functionality (33%). VSaaS and ACaaS include regular software updates and firmware upgrades, resulting in a solution that is always online and always up to date.\n\nVSaaS and ACaaS are based on a pay-per-use business model which means that systems can be easily scaled up or down in accordance with customer requirements, while monthly recurring payments remove the need for large upfront capital expenditure. Partnering with a trusted physical security provider will ensure delivery of a future-proof system that\u2019s capable of high levels of security while unlocking powerful business intelligence. Managers will benefit from insight into staff movement around the premises and adherence to health and safety protocols for complete peace of mind.\n\nThe evolving threat landscape and the broad range of challenges that the future will bring is something that all companies must consider. Fortunately, cloud-enabled physical security now appears to sit firmly on the agenda. For the banking and finance industry, VSaaS and ACaaS provide a flexible security and business solution that will enable them to meet ever evolving demands and confidently face the future.\n\nFor further insights on VSaaS and ACaaS adoption in Europe, download Morphean's whitepaper:\n\nLandscape Report 2020\/21: Hosted Security adoption in Europe<\/a>\n\nwww.morphean.com<\/a>","post_title":"Opinion | Improving banking security and operations through innovations in cloud","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"opinion-improving-banking-security-and-operations-through-innovations-in-cloud","to_ping":"","pinged":"","post_modified":"2021-05-14 16:19:05","post_modified_gmt":"2021-05-14 15:19:05","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6132","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6070,"post_author":"48","post_date":"2021-05-12 13:00:28","post_date_gmt":"2021-05-12 12:00:28","post_content":"\n

Employee safety is a top priority in retail stores, bank branches, and similar applications. Using Bosch's method of integrating the intrusion system's panic buttons or bill trap sensors with the radio dispatch system, this can provide added security by alerting security personnel to high-risk situations.<\/p>\n\n\n\n

\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n

\u201cModern enterprises require increased business agility, and banks are no exception,\u201d said Emma Maslen, VP and general manager of Ping Identity, EMEA & APAC, \u201cFinancial institutions are faced with unforgiving customers and uniquely robust compliance requirements. This amplifies the need for a partner that not only understands their complexities but can deliver flexible security solutions that deliver an integrated customer experience to achieve business goals.\u201d<\/p>\n\n\n\n

www.pingidentity.com<\/a><\/p>\n\n\n\n

www.proofid.com<\/a><\/p>\n","post_title":"Ping Identity and ProofID supply identity security for Tesco Bank","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-and-proofid-supply-identity-security-for-tesco-bank","to_ping":"","pinged":"","post_modified":"2021-05-18 14:56:46","post_modified_gmt":"2021-05-18 13:56:46","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6153","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6132,"post_author":"1","post_date":"2021-05-14 16:19:02","post_date_gmt":"2021-05-14 15:19:02","post_content":"Cloud technology has been proven to help businesses remain operational during the pandemic and has helped facilitate a digital transformation process that was already underway in many sectors, including financial services. Now, as the success of the vaccination programme and drop in infection rates leads to a relaxing of lockdown regulations, retail and investment banks will be looking to help large numbers of employees back to work to resume full service.\n\nBut this gradual transition will require planning and consideration to be given to health and safety alongside the expected high levels of security. While mask wearing and social distancing measures are set to be relaxed over the coming months, it\u2019s nevertheless imperative that day-to-day business is not jeopardised by a spread of infection as a result of complacency. This is where technology has an important role to play, with benefits that will transcend the pandemic, equipping banks and financial services for future challenges.\n\nThe evolution of hosted physical security<\/strong>\n\nPhysical security too is transforming. In today\u2019s modern world, dated standalone CCTV and manually operated access barriers, are increasingly being replaced with cloud-enabled network cameras and digital access control mechanisms. Such technologies provide multiple layers of protection, both at a building\u2019s entrance and within the premises itself. The internet of things (IoT) brings seamless device connectivity and data sharing for a streamlined, efficient and intelligent security solution.\n\nTo better understand the capacity for cloud to help improve security and provide operational benefits during the pandemic and beyond, hosted security provider Morphean, commissioned a survey of 1,000 senior decision makers across the UK, Germany and Sweden. Results revealed that 51% of respondents are currently using a cloud-based video surveillance (VSaaS) and\/or a door entry\/access control system (ACaaS), and that 95% of those surveyed agree that if an existing security system could deliver insights beyond security to assist decision making it would influence adoption.\n\nImproving the management of premises and people<\/strong>\n\nIn such a high security environment, VSaaS and ACaaS can help managers to determine staff whereabouts and to know who is in the building at any one time. For example, an access control solution which is linked to an HR database can check the swipe of an access card against staff records. Surveillance cameras also provide secondary authentication through visual clarification of an individual\u2019s identity. An employee who is flagged by the system as being on leave, absent or no longer employed will trigger an automated alert to relevant personnel, who can take swift action.\n\nWith concerns turning to the potential spread of Covid-19 variants, frictionless access control mechanisms ensure a fast and hands-free method of admitting staff to the premises, using surveillance cameras, QR codes, or mobile phone identification to avoid the touching of shared surfaces, minimising cross infection risk. IP audio equipment that is connected to the surveillance system can be used to issue messages, either pre-recorded or in real-time, to remind staff of the importance of maintaining a safe distance from each other and configured to trigger an automated warning message while simultaneously making security personnel aware of any situation.\n\nUnlocking powerful operational insights<\/strong>\n\nEnsuring that only staff who are necessary for day-to-day operations are on site is a sensible way to further minimise infection risk. Remote monitoring and operational insights can be employed to check premises via tablet or mobile, removing any need to enter a site unnecessarily. In fact, access from any location (32%), remote maintenance (31%), and the ability to monitor empty sites (29%) were all identified as key benefits of introducing VSaaS and ACaaS, alongside better security (40%) and better functionality (33%). VSaaS and ACaaS include regular software updates and firmware upgrades, resulting in a solution that is always online and always up to date.\n\nVSaaS and ACaaS are based on a pay-per-use business model which means that systems can be easily scaled up or down in accordance with customer requirements, while monthly recurring payments remove the need for large upfront capital expenditure. Partnering with a trusted physical security provider will ensure delivery of a future-proof system that\u2019s capable of high levels of security while unlocking powerful business intelligence. Managers will benefit from insight into staff movement around the premises and adherence to health and safety protocols for complete peace of mind.\n\nThe evolving threat landscape and the broad range of challenges that the future will bring is something that all companies must consider. Fortunately, cloud-enabled physical security now appears to sit firmly on the agenda. For the banking and finance industry, VSaaS and ACaaS provide a flexible security and business solution that will enable them to meet ever evolving demands and confidently face the future.\n\nFor further insights on VSaaS and ACaaS adoption in Europe, download Morphean's whitepaper:\n\nLandscape Report 2020\/21: Hosted Security adoption in Europe<\/a>\n\nwww.morphean.com<\/a>","post_title":"Opinion | Improving banking security and operations through innovations in cloud","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"opinion-improving-banking-security-and-operations-through-innovations-in-cloud","to_ping":"","pinged":"","post_modified":"2021-05-14 16:19:05","post_modified_gmt":"2021-05-14 15:19:05","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6132","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6070,"post_author":"48","post_date":"2021-05-12 13:00:28","post_date_gmt":"2021-05-12 12:00:28","post_content":"\n

Employee safety is a top priority in retail stores, bank branches, and similar applications. Using Bosch's method of integrating the intrusion system's panic buttons or bill trap sensors with the radio dispatch system, this can provide added security by alerting security personnel to high-risk situations.<\/p>\n\n\n\n

\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n

\u201cWe saw how we could use PingAccess and PingFederate to work across web, mobile and API. The ease with which we could deploy across channels was a critical factor, along with the data governance capabilities,\u201d explains McConchie. \u201cPing Identity gives us the flexible authorisation capabilities we need to minimise friction and deliver a customer-centric experience.\u201d<\/p>\n\n\n\n

\u201cModern enterprises require increased business agility, and banks are no exception,\u201d said Emma Maslen, VP and general manager of Ping Identity, EMEA & APAC, \u201cFinancial institutions are faced with unforgiving customers and uniquely robust compliance requirements. This amplifies the need for a partner that not only understands their complexities but can deliver flexible security solutions that deliver an integrated customer experience to achieve business goals.\u201d<\/p>\n\n\n\n

www.pingidentity.com<\/a><\/p>\n\n\n\n

www.proofid.com<\/a><\/p>\n","post_title":"Ping Identity and ProofID supply identity security for Tesco Bank","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-and-proofid-supply-identity-security-for-tesco-bank","to_ping":"","pinged":"","post_modified":"2021-05-18 14:56:46","post_modified_gmt":"2021-05-18 13:56:46","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6153","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6132,"post_author":"1","post_date":"2021-05-14 16:19:02","post_date_gmt":"2021-05-14 15:19:02","post_content":"Cloud technology has been proven to help businesses remain operational during the pandemic and has helped facilitate a digital transformation process that was already underway in many sectors, including financial services. Now, as the success of the vaccination programme and drop in infection rates leads to a relaxing of lockdown regulations, retail and investment banks will be looking to help large numbers of employees back to work to resume full service.\n\nBut this gradual transition will require planning and consideration to be given to health and safety alongside the expected high levels of security. While mask wearing and social distancing measures are set to be relaxed over the coming months, it\u2019s nevertheless imperative that day-to-day business is not jeopardised by a spread of infection as a result of complacency. This is where technology has an important role to play, with benefits that will transcend the pandemic, equipping banks and financial services for future challenges.\n\nThe evolution of hosted physical security<\/strong>\n\nPhysical security too is transforming. In today\u2019s modern world, dated standalone CCTV and manually operated access barriers, are increasingly being replaced with cloud-enabled network cameras and digital access control mechanisms. Such technologies provide multiple layers of protection, both at a building\u2019s entrance and within the premises itself. The internet of things (IoT) brings seamless device connectivity and data sharing for a streamlined, efficient and intelligent security solution.\n\nTo better understand the capacity for cloud to help improve security and provide operational benefits during the pandemic and beyond, hosted security provider Morphean, commissioned a survey of 1,000 senior decision makers across the UK, Germany and Sweden. Results revealed that 51% of respondents are currently using a cloud-based video surveillance (VSaaS) and\/or a door entry\/access control system (ACaaS), and that 95% of those surveyed agree that if an existing security system could deliver insights beyond security to assist decision making it would influence adoption.\n\nImproving the management of premises and people<\/strong>\n\nIn such a high security environment, VSaaS and ACaaS can help managers to determine staff whereabouts and to know who is in the building at any one time. For example, an access control solution which is linked to an HR database can check the swipe of an access card against staff records. Surveillance cameras also provide secondary authentication through visual clarification of an individual\u2019s identity. An employee who is flagged by the system as being on leave, absent or no longer employed will trigger an automated alert to relevant personnel, who can take swift action.\n\nWith concerns turning to the potential spread of Covid-19 variants, frictionless access control mechanisms ensure a fast and hands-free method of admitting staff to the premises, using surveillance cameras, QR codes, or mobile phone identification to avoid the touching of shared surfaces, minimising cross infection risk. IP audio equipment that is connected to the surveillance system can be used to issue messages, either pre-recorded or in real-time, to remind staff of the importance of maintaining a safe distance from each other and configured to trigger an automated warning message while simultaneously making security personnel aware of any situation.\n\nUnlocking powerful operational insights<\/strong>\n\nEnsuring that only staff who are necessary for day-to-day operations are on site is a sensible way to further minimise infection risk. Remote monitoring and operational insights can be employed to check premises via tablet or mobile, removing any need to enter a site unnecessarily. In fact, access from any location (32%), remote maintenance (31%), and the ability to monitor empty sites (29%) were all identified as key benefits of introducing VSaaS and ACaaS, alongside better security (40%) and better functionality (33%). VSaaS and ACaaS include regular software updates and firmware upgrades, resulting in a solution that is always online and always up to date.\n\nVSaaS and ACaaS are based on a pay-per-use business model which means that systems can be easily scaled up or down in accordance with customer requirements, while monthly recurring payments remove the need for large upfront capital expenditure. Partnering with a trusted physical security provider will ensure delivery of a future-proof system that\u2019s capable of high levels of security while unlocking powerful business intelligence. Managers will benefit from insight into staff movement around the premises and adherence to health and safety protocols for complete peace of mind.\n\nThe evolving threat landscape and the broad range of challenges that the future will bring is something that all companies must consider. Fortunately, cloud-enabled physical security now appears to sit firmly on the agenda. For the banking and finance industry, VSaaS and ACaaS provide a flexible security and business solution that will enable them to meet ever evolving demands and confidently face the future.\n\nFor further insights on VSaaS and ACaaS adoption in Europe, download Morphean's whitepaper:\n\nLandscape Report 2020\/21: Hosted Security adoption in Europe<\/a>\n\nwww.morphean.com<\/a>","post_title":"Opinion | Improving banking security and operations through innovations in cloud","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"opinion-improving-banking-security-and-operations-through-innovations-in-cloud","to_ping":"","pinged":"","post_modified":"2021-05-14 16:19:05","post_modified_gmt":"2021-05-14 15:19:05","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6132","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6070,"post_author":"48","post_date":"2021-05-12 13:00:28","post_date_gmt":"2021-05-12 12:00:28","post_content":"\n

Employee safety is a top priority in retail stores, bank branches, and similar applications. Using Bosch's method of integrating the intrusion system's panic buttons or bill trap sensors with the radio dispatch system, this can provide added security by alerting security personnel to high-risk situations.<\/p>\n\n\n\n

\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n

With ProofID as the implementation partner, Tesco Bank configured its new PingAccess and PingFederate cluster to secure key applications in 12 weeks, which included building a single-factor login journey and deploying it across their private AWS cloud. The result is a common identity provider with self-service features across banking, credit cards and general insurance, which allows customers to more easily manage their money and have an overall better experience. <\/p>\n\n\n\n

\u201cWe saw how we could use PingAccess and PingFederate to work across web, mobile and API. The ease with which we could deploy across channels was a critical factor, along with the data governance capabilities,\u201d explains McConchie. \u201cPing Identity gives us the flexible authorisation capabilities we need to minimise friction and deliver a customer-centric experience.\u201d<\/p>\n\n\n\n

\u201cModern enterprises require increased business agility, and banks are no exception,\u201d said Emma Maslen, VP and general manager of Ping Identity, EMEA & APAC, \u201cFinancial institutions are faced with unforgiving customers and uniquely robust compliance requirements. This amplifies the need for a partner that not only understands their complexities but can deliver flexible security solutions that deliver an integrated customer experience to achieve business goals.\u201d<\/p>\n\n\n\n

www.pingidentity.com<\/a><\/p>\n\n\n\n

www.proofid.com<\/a><\/p>\n","post_title":"Ping Identity and ProofID supply identity security for Tesco Bank","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-and-proofid-supply-identity-security-for-tesco-bank","to_ping":"","pinged":"","post_modified":"2021-05-18 14:56:46","post_modified_gmt":"2021-05-18 13:56:46","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6153","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6132,"post_author":"1","post_date":"2021-05-14 16:19:02","post_date_gmt":"2021-05-14 15:19:02","post_content":"Cloud technology has been proven to help businesses remain operational during the pandemic and has helped facilitate a digital transformation process that was already underway in many sectors, including financial services. Now, as the success of the vaccination programme and drop in infection rates leads to a relaxing of lockdown regulations, retail and investment banks will be looking to help large numbers of employees back to work to resume full service.\n\nBut this gradual transition will require planning and consideration to be given to health and safety alongside the expected high levels of security. While mask wearing and social distancing measures are set to be relaxed over the coming months, it\u2019s nevertheless imperative that day-to-day business is not jeopardised by a spread of infection as a result of complacency. This is where technology has an important role to play, with benefits that will transcend the pandemic, equipping banks and financial services for future challenges.\n\nThe evolution of hosted physical security<\/strong>\n\nPhysical security too is transforming. In today\u2019s modern world, dated standalone CCTV and manually operated access barriers, are increasingly being replaced with cloud-enabled network cameras and digital access control mechanisms. Such technologies provide multiple layers of protection, both at a building\u2019s entrance and within the premises itself. The internet of things (IoT) brings seamless device connectivity and data sharing for a streamlined, efficient and intelligent security solution.\n\nTo better understand the capacity for cloud to help improve security and provide operational benefits during the pandemic and beyond, hosted security provider Morphean, commissioned a survey of 1,000 senior decision makers across the UK, Germany and Sweden. Results revealed that 51% of respondents are currently using a cloud-based video surveillance (VSaaS) and\/or a door entry\/access control system (ACaaS), and that 95% of those surveyed agree that if an existing security system could deliver insights beyond security to assist decision making it would influence adoption.\n\nImproving the management of premises and people<\/strong>\n\nIn such a high security environment, VSaaS and ACaaS can help managers to determine staff whereabouts and to know who is in the building at any one time. For example, an access control solution which is linked to an HR database can check the swipe of an access card against staff records. Surveillance cameras also provide secondary authentication through visual clarification of an individual\u2019s identity. An employee who is flagged by the system as being on leave, absent or no longer employed will trigger an automated alert to relevant personnel, who can take swift action.\n\nWith concerns turning to the potential spread of Covid-19 variants, frictionless access control mechanisms ensure a fast and hands-free method of admitting staff to the premises, using surveillance cameras, QR codes, or mobile phone identification to avoid the touching of shared surfaces, minimising cross infection risk. IP audio equipment that is connected to the surveillance system can be used to issue messages, either pre-recorded or in real-time, to remind staff of the importance of maintaining a safe distance from each other and configured to trigger an automated warning message while simultaneously making security personnel aware of any situation.\n\nUnlocking powerful operational insights<\/strong>\n\nEnsuring that only staff who are necessary for day-to-day operations are on site is a sensible way to further minimise infection risk. Remote monitoring and operational insights can be employed to check premises via tablet or mobile, removing any need to enter a site unnecessarily. In fact, access from any location (32%), remote maintenance (31%), and the ability to monitor empty sites (29%) were all identified as key benefits of introducing VSaaS and ACaaS, alongside better security (40%) and better functionality (33%). VSaaS and ACaaS include regular software updates and firmware upgrades, resulting in a solution that is always online and always up to date.\n\nVSaaS and ACaaS are based on a pay-per-use business model which means that systems can be easily scaled up or down in accordance with customer requirements, while monthly recurring payments remove the need for large upfront capital expenditure. Partnering with a trusted physical security provider will ensure delivery of a future-proof system that\u2019s capable of high levels of security while unlocking powerful business intelligence. Managers will benefit from insight into staff movement around the premises and adherence to health and safety protocols for complete peace of mind.\n\nThe evolving threat landscape and the broad range of challenges that the future will bring is something that all companies must consider. Fortunately, cloud-enabled physical security now appears to sit firmly on the agenda. For the banking and finance industry, VSaaS and ACaaS provide a flexible security and business solution that will enable them to meet ever evolving demands and confidently face the future.\n\nFor further insights on VSaaS and ACaaS adoption in Europe, download Morphean's whitepaper:\n\nLandscape Report 2020\/21: Hosted Security adoption in Europe<\/a>\n\nwww.morphean.com<\/a>","post_title":"Opinion | Improving banking security and operations through innovations in cloud","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"opinion-improving-banking-security-and-operations-through-innovations-in-cloud","to_ping":"","pinged":"","post_modified":"2021-05-14 16:19:05","post_modified_gmt":"2021-05-14 15:19:05","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6132","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6070,"post_author":"48","post_date":"2021-05-12 13:00:28","post_date_gmt":"2021-05-12 12:00:28","post_content":"\n

Employee safety is a top priority in retail stores, bank branches, and similar applications. Using Bosch's method of integrating the intrusion system's panic buttons or bill trap sensors with the radio dispatch system, this can provide added security by alerting security personnel to high-risk situations.<\/p>\n\n\n\n

\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n

These needs were hindered by an inflexible security posture that was adding cost and time to the launch of new applications and features. \u201cWe needed a customer security platform that could extend across all our channels,\u201d explains Tesco Bank security architect, David McConchie, \u201cand ultimately allow us to consolidate disparate identity data, laying the foundation for a common customer identity.\u201d<\/p>\n\n\n\n

With ProofID as the implementation partner, Tesco Bank configured its new PingAccess and PingFederate cluster to secure key applications in 12 weeks, which included building a single-factor login journey and deploying it across their private AWS cloud. The result is a common identity provider with self-service features across banking, credit cards and general insurance, which allows customers to more easily manage their money and have an overall better experience. <\/p>\n\n\n\n

\u201cWe saw how we could use PingAccess and PingFederate to work across web, mobile and API. The ease with which we could deploy across channels was a critical factor, along with the data governance capabilities,\u201d explains McConchie. \u201cPing Identity gives us the flexible authorisation capabilities we need to minimise friction and deliver a customer-centric experience.\u201d<\/p>\n\n\n\n

\u201cModern enterprises require increased business agility, and banks are no exception,\u201d said Emma Maslen, VP and general manager of Ping Identity, EMEA & APAC, \u201cFinancial institutions are faced with unforgiving customers and uniquely robust compliance requirements. This amplifies the need for a partner that not only understands their complexities but can deliver flexible security solutions that deliver an integrated customer experience to achieve business goals.\u201d<\/p>\n\n\n\n

www.pingidentity.com<\/a><\/p>\n\n\n\n

www.proofid.com<\/a><\/p>\n","post_title":"Ping Identity and ProofID supply identity security for Tesco Bank","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-and-proofid-supply-identity-security-for-tesco-bank","to_ping":"","pinged":"","post_modified":"2021-05-18 14:56:46","post_modified_gmt":"2021-05-18 13:56:46","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6153","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6132,"post_author":"1","post_date":"2021-05-14 16:19:02","post_date_gmt":"2021-05-14 15:19:02","post_content":"Cloud technology has been proven to help businesses remain operational during the pandemic and has helped facilitate a digital transformation process that was already underway in many sectors, including financial services. Now, as the success of the vaccination programme and drop in infection rates leads to a relaxing of lockdown regulations, retail and investment banks will be looking to help large numbers of employees back to work to resume full service.\n\nBut this gradual transition will require planning and consideration to be given to health and safety alongside the expected high levels of security. While mask wearing and social distancing measures are set to be relaxed over the coming months, it\u2019s nevertheless imperative that day-to-day business is not jeopardised by a spread of infection as a result of complacency. This is where technology has an important role to play, with benefits that will transcend the pandemic, equipping banks and financial services for future challenges.\n\nThe evolution of hosted physical security<\/strong>\n\nPhysical security too is transforming. In today\u2019s modern world, dated standalone CCTV and manually operated access barriers, are increasingly being replaced with cloud-enabled network cameras and digital access control mechanisms. Such technologies provide multiple layers of protection, both at a building\u2019s entrance and within the premises itself. The internet of things (IoT) brings seamless device connectivity and data sharing for a streamlined, efficient and intelligent security solution.\n\nTo better understand the capacity for cloud to help improve security and provide operational benefits during the pandemic and beyond, hosted security provider Morphean, commissioned a survey of 1,000 senior decision makers across the UK, Germany and Sweden. Results revealed that 51% of respondents are currently using a cloud-based video surveillance (VSaaS) and\/or a door entry\/access control system (ACaaS), and that 95% of those surveyed agree that if an existing security system could deliver insights beyond security to assist decision making it would influence adoption.\n\nImproving the management of premises and people<\/strong>\n\nIn such a high security environment, VSaaS and ACaaS can help managers to determine staff whereabouts and to know who is in the building at any one time. For example, an access control solution which is linked to an HR database can check the swipe of an access card against staff records. Surveillance cameras also provide secondary authentication through visual clarification of an individual\u2019s identity. An employee who is flagged by the system as being on leave, absent or no longer employed will trigger an automated alert to relevant personnel, who can take swift action.\n\nWith concerns turning to the potential spread of Covid-19 variants, frictionless access control mechanisms ensure a fast and hands-free method of admitting staff to the premises, using surveillance cameras, QR codes, or mobile phone identification to avoid the touching of shared surfaces, minimising cross infection risk. IP audio equipment that is connected to the surveillance system can be used to issue messages, either pre-recorded or in real-time, to remind staff of the importance of maintaining a safe distance from each other and configured to trigger an automated warning message while simultaneously making security personnel aware of any situation.\n\nUnlocking powerful operational insights<\/strong>\n\nEnsuring that only staff who are necessary for day-to-day operations are on site is a sensible way to further minimise infection risk. Remote monitoring and operational insights can be employed to check premises via tablet or mobile, removing any need to enter a site unnecessarily. In fact, access from any location (32%), remote maintenance (31%), and the ability to monitor empty sites (29%) were all identified as key benefits of introducing VSaaS and ACaaS, alongside better security (40%) and better functionality (33%). VSaaS and ACaaS include regular software updates and firmware upgrades, resulting in a solution that is always online and always up to date.\n\nVSaaS and ACaaS are based on a pay-per-use business model which means that systems can be easily scaled up or down in accordance with customer requirements, while monthly recurring payments remove the need for large upfront capital expenditure. Partnering with a trusted physical security provider will ensure delivery of a future-proof system that\u2019s capable of high levels of security while unlocking powerful business intelligence. Managers will benefit from insight into staff movement around the premises and adherence to health and safety protocols for complete peace of mind.\n\nThe evolving threat landscape and the broad range of challenges that the future will bring is something that all companies must consider. Fortunately, cloud-enabled physical security now appears to sit firmly on the agenda. For the banking and finance industry, VSaaS and ACaaS provide a flexible security and business solution that will enable them to meet ever evolving demands and confidently face the future.\n\nFor further insights on VSaaS and ACaaS adoption in Europe, download Morphean's whitepaper:\n\nLandscape Report 2020\/21: Hosted Security adoption in Europe<\/a>\n\nwww.morphean.com<\/a>","post_title":"Opinion | Improving banking security and operations through innovations in cloud","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"opinion-improving-banking-security-and-operations-through-innovations-in-cloud","to_ping":"","pinged":"","post_modified":"2021-05-14 16:19:05","post_modified_gmt":"2021-05-14 15:19:05","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6132","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6070,"post_author":"48","post_date":"2021-05-12 13:00:28","post_date_gmt":"2021-05-12 12:00:28","post_content":"\n

Employee safety is a top priority in retail stores, bank branches, and similar applications. Using Bosch's method of integrating the intrusion system's panic buttons or bill trap sensors with the radio dispatch system, this can provide added security by alerting security personnel to high-risk situations.<\/p>\n\n\n\n

\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n

More than five million customer identities managed by Tesco Bank had become siloed across its products and services, adding unwanted friction to the customer experience. It also needed to meet robust compliance requirements to adhere to the revised Payment Services Directive (PSD2), a European electronic services regulation requiring strong customer authentication. <\/p>\n\n\n\n

These needs were hindered by an inflexible security posture that was adding cost and time to the launch of new applications and features. \u201cWe needed a customer security platform that could extend across all our channels,\u201d explains Tesco Bank security architect, David McConchie, \u201cand ultimately allow us to consolidate disparate identity data, laying the foundation for a common customer identity.\u201d<\/p>\n\n\n\n

With ProofID as the implementation partner, Tesco Bank configured its new PingAccess and PingFederate cluster to secure key applications in 12 weeks, which included building a single-factor login journey and deploying it across their private AWS cloud. The result is a common identity provider with self-service features across banking, credit cards and general insurance, which allows customers to more easily manage their money and have an overall better experience. <\/p>\n\n\n\n

\u201cWe saw how we could use PingAccess and PingFederate to work across web, mobile and API. The ease with which we could deploy across channels was a critical factor, along with the data governance capabilities,\u201d explains McConchie. \u201cPing Identity gives us the flexible authorisation capabilities we need to minimise friction and deliver a customer-centric experience.\u201d<\/p>\n\n\n\n

\u201cModern enterprises require increased business agility, and banks are no exception,\u201d said Emma Maslen, VP and general manager of Ping Identity, EMEA & APAC, \u201cFinancial institutions are faced with unforgiving customers and uniquely robust compliance requirements. This amplifies the need for a partner that not only understands their complexities but can deliver flexible security solutions that deliver an integrated customer experience to achieve business goals.\u201d<\/p>\n\n\n\n

www.pingidentity.com<\/a><\/p>\n\n\n\n

www.proofid.com<\/a><\/p>\n","post_title":"Ping Identity and ProofID supply identity security for Tesco Bank","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-and-proofid-supply-identity-security-for-tesco-bank","to_ping":"","pinged":"","post_modified":"2021-05-18 14:56:46","post_modified_gmt":"2021-05-18 13:56:46","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6153","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6132,"post_author":"1","post_date":"2021-05-14 16:19:02","post_date_gmt":"2021-05-14 15:19:02","post_content":"Cloud technology has been proven to help businesses remain operational during the pandemic and has helped facilitate a digital transformation process that was already underway in many sectors, including financial services. Now, as the success of the vaccination programme and drop in infection rates leads to a relaxing of lockdown regulations, retail and investment banks will be looking to help large numbers of employees back to work to resume full service.\n\nBut this gradual transition will require planning and consideration to be given to health and safety alongside the expected high levels of security. While mask wearing and social distancing measures are set to be relaxed over the coming months, it\u2019s nevertheless imperative that day-to-day business is not jeopardised by a spread of infection as a result of complacency. This is where technology has an important role to play, with benefits that will transcend the pandemic, equipping banks and financial services for future challenges.\n\nThe evolution of hosted physical security<\/strong>\n\nPhysical security too is transforming. In today\u2019s modern world, dated standalone CCTV and manually operated access barriers, are increasingly being replaced with cloud-enabled network cameras and digital access control mechanisms. Such technologies provide multiple layers of protection, both at a building\u2019s entrance and within the premises itself. The internet of things (IoT) brings seamless device connectivity and data sharing for a streamlined, efficient and intelligent security solution.\n\nTo better understand the capacity for cloud to help improve security and provide operational benefits during the pandemic and beyond, hosted security provider Morphean, commissioned a survey of 1,000 senior decision makers across the UK, Germany and Sweden. Results revealed that 51% of respondents are currently using a cloud-based video surveillance (VSaaS) and\/or a door entry\/access control system (ACaaS), and that 95% of those surveyed agree that if an existing security system could deliver insights beyond security to assist decision making it would influence adoption.\n\nImproving the management of premises and people<\/strong>\n\nIn such a high security environment, VSaaS and ACaaS can help managers to determine staff whereabouts and to know who is in the building at any one time. For example, an access control solution which is linked to an HR database can check the swipe of an access card against staff records. Surveillance cameras also provide secondary authentication through visual clarification of an individual\u2019s identity. An employee who is flagged by the system as being on leave, absent or no longer employed will trigger an automated alert to relevant personnel, who can take swift action.\n\nWith concerns turning to the potential spread of Covid-19 variants, frictionless access control mechanisms ensure a fast and hands-free method of admitting staff to the premises, using surveillance cameras, QR codes, or mobile phone identification to avoid the touching of shared surfaces, minimising cross infection risk. IP audio equipment that is connected to the surveillance system can be used to issue messages, either pre-recorded or in real-time, to remind staff of the importance of maintaining a safe distance from each other and configured to trigger an automated warning message while simultaneously making security personnel aware of any situation.\n\nUnlocking powerful operational insights<\/strong>\n\nEnsuring that only staff who are necessary for day-to-day operations are on site is a sensible way to further minimise infection risk. Remote monitoring and operational insights can be employed to check premises via tablet or mobile, removing any need to enter a site unnecessarily. In fact, access from any location (32%), remote maintenance (31%), and the ability to monitor empty sites (29%) were all identified as key benefits of introducing VSaaS and ACaaS, alongside better security (40%) and better functionality (33%). VSaaS and ACaaS include regular software updates and firmware upgrades, resulting in a solution that is always online and always up to date.\n\nVSaaS and ACaaS are based on a pay-per-use business model which means that systems can be easily scaled up or down in accordance with customer requirements, while monthly recurring payments remove the need for large upfront capital expenditure. Partnering with a trusted physical security provider will ensure delivery of a future-proof system that\u2019s capable of high levels of security while unlocking powerful business intelligence. Managers will benefit from insight into staff movement around the premises and adherence to health and safety protocols for complete peace of mind.\n\nThe evolving threat landscape and the broad range of challenges that the future will bring is something that all companies must consider. Fortunately, cloud-enabled physical security now appears to sit firmly on the agenda. For the banking and finance industry, VSaaS and ACaaS provide a flexible security and business solution that will enable them to meet ever evolving demands and confidently face the future.\n\nFor further insights on VSaaS and ACaaS adoption in Europe, download Morphean's whitepaper:\n\nLandscape Report 2020\/21: Hosted Security adoption in Europe<\/a>\n\nwww.morphean.com<\/a>","post_title":"Opinion | Improving banking security and operations through innovations in cloud","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"opinion-improving-banking-security-and-operations-through-innovations-in-cloud","to_ping":"","pinged":"","post_modified":"2021-05-14 16:19:05","post_modified_gmt":"2021-05-14 15:19:05","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6132","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6070,"post_author":"48","post_date":"2021-05-12 13:00:28","post_date_gmt":"2021-05-12 12:00:28","post_content":"\n

Employee safety is a top priority in retail stores, bank branches, and similar applications. Using Bosch's method of integrating the intrusion system's panic buttons or bill trap sensors with the radio dispatch system, this can provide added security by alerting security personnel to high-risk situations.<\/p>\n\n\n\n

\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n

Ping Identity has partnered up with ProofID to reportedly simplify identity security for Tesco Bank to enable a more secure and customer-centric banking experience. <\/p>\n\n\n\n

More than five million customer identities managed by Tesco Bank had become siloed across its products and services, adding unwanted friction to the customer experience. It also needed to meet robust compliance requirements to adhere to the revised Payment Services Directive (PSD2), a European electronic services regulation requiring strong customer authentication. <\/p>\n\n\n\n

These needs were hindered by an inflexible security posture that was adding cost and time to the launch of new applications and features. \u201cWe needed a customer security platform that could extend across all our channels,\u201d explains Tesco Bank security architect, David McConchie, \u201cand ultimately allow us to consolidate disparate identity data, laying the foundation for a common customer identity.\u201d<\/p>\n\n\n\n

With ProofID as the implementation partner, Tesco Bank configured its new PingAccess and PingFederate cluster to secure key applications in 12 weeks, which included building a single-factor login journey and deploying it across their private AWS cloud. The result is a common identity provider with self-service features across banking, credit cards and general insurance, which allows customers to more easily manage their money and have an overall better experience. <\/p>\n\n\n\n

\u201cWe saw how we could use PingAccess and PingFederate to work across web, mobile and API. The ease with which we could deploy across channels was a critical factor, along with the data governance capabilities,\u201d explains McConchie. \u201cPing Identity gives us the flexible authorisation capabilities we need to minimise friction and deliver a customer-centric experience.\u201d<\/p>\n\n\n\n

\u201cModern enterprises require increased business agility, and banks are no exception,\u201d said Emma Maslen, VP and general manager of Ping Identity, EMEA & APAC, \u201cFinancial institutions are faced with unforgiving customers and uniquely robust compliance requirements. This amplifies the need for a partner that not only understands their complexities but can deliver flexible security solutions that deliver an integrated customer experience to achieve business goals.\u201d<\/p>\n\n\n\n

www.pingidentity.com<\/a><\/p>\n\n\n\n

www.proofid.com<\/a><\/p>\n","post_title":"Ping Identity and ProofID supply identity security for Tesco Bank","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-and-proofid-supply-identity-security-for-tesco-bank","to_ping":"","pinged":"","post_modified":"2021-05-18 14:56:46","post_modified_gmt":"2021-05-18 13:56:46","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6153","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6132,"post_author":"1","post_date":"2021-05-14 16:19:02","post_date_gmt":"2021-05-14 15:19:02","post_content":"Cloud technology has been proven to help businesses remain operational during the pandemic and has helped facilitate a digital transformation process that was already underway in many sectors, including financial services. Now, as the success of the vaccination programme and drop in infection rates leads to a relaxing of lockdown regulations, retail and investment banks will be looking to help large numbers of employees back to work to resume full service.\n\nBut this gradual transition will require planning and consideration to be given to health and safety alongside the expected high levels of security. While mask wearing and social distancing measures are set to be relaxed over the coming months, it\u2019s nevertheless imperative that day-to-day business is not jeopardised by a spread of infection as a result of complacency. This is where technology has an important role to play, with benefits that will transcend the pandemic, equipping banks and financial services for future challenges.\n\nThe evolution of hosted physical security<\/strong>\n\nPhysical security too is transforming. In today\u2019s modern world, dated standalone CCTV and manually operated access barriers, are increasingly being replaced with cloud-enabled network cameras and digital access control mechanisms. Such technologies provide multiple layers of protection, both at a building\u2019s entrance and within the premises itself. The internet of things (IoT) brings seamless device connectivity and data sharing for a streamlined, efficient and intelligent security solution.\n\nTo better understand the capacity for cloud to help improve security and provide operational benefits during the pandemic and beyond, hosted security provider Morphean, commissioned a survey of 1,000 senior decision makers across the UK, Germany and Sweden. Results revealed that 51% of respondents are currently using a cloud-based video surveillance (VSaaS) and\/or a door entry\/access control system (ACaaS), and that 95% of those surveyed agree that if an existing security system could deliver insights beyond security to assist decision making it would influence adoption.\n\nImproving the management of premises and people<\/strong>\n\nIn such a high security environment, VSaaS and ACaaS can help managers to determine staff whereabouts and to know who is in the building at any one time. For example, an access control solution which is linked to an HR database can check the swipe of an access card against staff records. Surveillance cameras also provide secondary authentication through visual clarification of an individual\u2019s identity. An employee who is flagged by the system as being on leave, absent or no longer employed will trigger an automated alert to relevant personnel, who can take swift action.\n\nWith concerns turning to the potential spread of Covid-19 variants, frictionless access control mechanisms ensure a fast and hands-free method of admitting staff to the premises, using surveillance cameras, QR codes, or mobile phone identification to avoid the touching of shared surfaces, minimising cross infection risk. IP audio equipment that is connected to the surveillance system can be used to issue messages, either pre-recorded or in real-time, to remind staff of the importance of maintaining a safe distance from each other and configured to trigger an automated warning message while simultaneously making security personnel aware of any situation.\n\nUnlocking powerful operational insights<\/strong>\n\nEnsuring that only staff who are necessary for day-to-day operations are on site is a sensible way to further minimise infection risk. Remote monitoring and operational insights can be employed to check premises via tablet or mobile, removing any need to enter a site unnecessarily. In fact, access from any location (32%), remote maintenance (31%), and the ability to monitor empty sites (29%) were all identified as key benefits of introducing VSaaS and ACaaS, alongside better security (40%) and better functionality (33%). VSaaS and ACaaS include regular software updates and firmware upgrades, resulting in a solution that is always online and always up to date.\n\nVSaaS and ACaaS are based on a pay-per-use business model which means that systems can be easily scaled up or down in accordance with customer requirements, while monthly recurring payments remove the need for large upfront capital expenditure. Partnering with a trusted physical security provider will ensure delivery of a future-proof system that\u2019s capable of high levels of security while unlocking powerful business intelligence. Managers will benefit from insight into staff movement around the premises and adherence to health and safety protocols for complete peace of mind.\n\nThe evolving threat landscape and the broad range of challenges that the future will bring is something that all companies must consider. Fortunately, cloud-enabled physical security now appears to sit firmly on the agenda. For the banking and finance industry, VSaaS and ACaaS provide a flexible security and business solution that will enable them to meet ever evolving demands and confidently face the future.\n\nFor further insights on VSaaS and ACaaS adoption in Europe, download Morphean's whitepaper:\n\nLandscape Report 2020\/21: Hosted Security adoption in Europe<\/a>\n\nwww.morphean.com<\/a>","post_title":"Opinion | Improving banking security and operations through innovations in cloud","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"opinion-improving-banking-security-and-operations-through-innovations-in-cloud","to_ping":"","pinged":"","post_modified":"2021-05-14 16:19:05","post_modified_gmt":"2021-05-14 15:19:05","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6132","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6070,"post_author":"48","post_date":"2021-05-12 13:00:28","post_date_gmt":"2021-05-12 12:00:28","post_content":"\n

Employee safety is a top priority in retail stores, bank branches, and similar applications. Using Bosch's method of integrating the intrusion system's panic buttons or bill trap sensors with the radio dispatch system, this can provide added security by alerting security personnel to high-risk situations.<\/p>\n\n\n\n

\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n

<\/p>\n","post_title":"Solarisbank selects Feedzai as risk management partner","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"solarisbank-selects-feedzai-as-risk-management-partner","to_ping":"","pinged":"","post_modified":"2021-09-23 11:20:12","post_modified_gmt":"2021-09-23 10:20:12","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=7762","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6153,"post_author":"48","post_date":"2021-05-18 14:56:43","post_date_gmt":"2021-05-18 13:56:43","post_content":"\n

Ping Identity has partnered up with ProofID to reportedly simplify identity security for Tesco Bank to enable a more secure and customer-centric banking experience. <\/p>\n\n\n\n

More than five million customer identities managed by Tesco Bank had become siloed across its products and services, adding unwanted friction to the customer experience. It also needed to meet robust compliance requirements to adhere to the revised Payment Services Directive (PSD2), a European electronic services regulation requiring strong customer authentication. <\/p>\n\n\n\n

These needs were hindered by an inflexible security posture that was adding cost and time to the launch of new applications and features. \u201cWe needed a customer security platform that could extend across all our channels,\u201d explains Tesco Bank security architect, David McConchie, \u201cand ultimately allow us to consolidate disparate identity data, laying the foundation for a common customer identity.\u201d<\/p>\n\n\n\n

With ProofID as the implementation partner, Tesco Bank configured its new PingAccess and PingFederate cluster to secure key applications in 12 weeks, which included building a single-factor login journey and deploying it across their private AWS cloud. The result is a common identity provider with self-service features across banking, credit cards and general insurance, which allows customers to more easily manage their money and have an overall better experience. <\/p>\n\n\n\n

\u201cWe saw how we could use PingAccess and PingFederate to work across web, mobile and API. The ease with which we could deploy across channels was a critical factor, along with the data governance capabilities,\u201d explains McConchie. \u201cPing Identity gives us the flexible authorisation capabilities we need to minimise friction and deliver a customer-centric experience.\u201d<\/p>\n\n\n\n

\u201cModern enterprises require increased business agility, and banks are no exception,\u201d said Emma Maslen, VP and general manager of Ping Identity, EMEA & APAC, \u201cFinancial institutions are faced with unforgiving customers and uniquely robust compliance requirements. This amplifies the need for a partner that not only understands their complexities but can deliver flexible security solutions that deliver an integrated customer experience to achieve business goals.\u201d<\/p>\n\n\n\n

www.pingidentity.com<\/a><\/p>\n\n\n\n

www.proofid.com<\/a><\/p>\n","post_title":"Ping Identity and ProofID supply identity security for Tesco Bank","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-and-proofid-supply-identity-security-for-tesco-bank","to_ping":"","pinged":"","post_modified":"2021-05-18 14:56:46","post_modified_gmt":"2021-05-18 13:56:46","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6153","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6132,"post_author":"1","post_date":"2021-05-14 16:19:02","post_date_gmt":"2021-05-14 15:19:02","post_content":"Cloud technology has been proven to help businesses remain operational during the pandemic and has helped facilitate a digital transformation process that was already underway in many sectors, including financial services. Now, as the success of the vaccination programme and drop in infection rates leads to a relaxing of lockdown regulations, retail and investment banks will be looking to help large numbers of employees back to work to resume full service.\n\nBut this gradual transition will require planning and consideration to be given to health and safety alongside the expected high levels of security. While mask wearing and social distancing measures are set to be relaxed over the coming months, it\u2019s nevertheless imperative that day-to-day business is not jeopardised by a spread of infection as a result of complacency. This is where technology has an important role to play, with benefits that will transcend the pandemic, equipping banks and financial services for future challenges.\n\nThe evolution of hosted physical security<\/strong>\n\nPhysical security too is transforming. In today\u2019s modern world, dated standalone CCTV and manually operated access barriers, are increasingly being replaced with cloud-enabled network cameras and digital access control mechanisms. Such technologies provide multiple layers of protection, both at a building\u2019s entrance and within the premises itself. The internet of things (IoT) brings seamless device connectivity and data sharing for a streamlined, efficient and intelligent security solution.\n\nTo better understand the capacity for cloud to help improve security and provide operational benefits during the pandemic and beyond, hosted security provider Morphean, commissioned a survey of 1,000 senior decision makers across the UK, Germany and Sweden. Results revealed that 51% of respondents are currently using a cloud-based video surveillance (VSaaS) and\/or a door entry\/access control system (ACaaS), and that 95% of those surveyed agree that if an existing security system could deliver insights beyond security to assist decision making it would influence adoption.\n\nImproving the management of premises and people<\/strong>\n\nIn such a high security environment, VSaaS and ACaaS can help managers to determine staff whereabouts and to know who is in the building at any one time. For example, an access control solution which is linked to an HR database can check the swipe of an access card against staff records. Surveillance cameras also provide secondary authentication through visual clarification of an individual\u2019s identity. An employee who is flagged by the system as being on leave, absent or no longer employed will trigger an automated alert to relevant personnel, who can take swift action.\n\nWith concerns turning to the potential spread of Covid-19 variants, frictionless access control mechanisms ensure a fast and hands-free method of admitting staff to the premises, using surveillance cameras, QR codes, or mobile phone identification to avoid the touching of shared surfaces, minimising cross infection risk. IP audio equipment that is connected to the surveillance system can be used to issue messages, either pre-recorded or in real-time, to remind staff of the importance of maintaining a safe distance from each other and configured to trigger an automated warning message while simultaneously making security personnel aware of any situation.\n\nUnlocking powerful operational insights<\/strong>\n\nEnsuring that only staff who are necessary for day-to-day operations are on site is a sensible way to further minimise infection risk. Remote monitoring and operational insights can be employed to check premises via tablet or mobile, removing any need to enter a site unnecessarily. In fact, access from any location (32%), remote maintenance (31%), and the ability to monitor empty sites (29%) were all identified as key benefits of introducing VSaaS and ACaaS, alongside better security (40%) and better functionality (33%). VSaaS and ACaaS include regular software updates and firmware upgrades, resulting in a solution that is always online and always up to date.\n\nVSaaS and ACaaS are based on a pay-per-use business model which means that systems can be easily scaled up or down in accordance with customer requirements, while monthly recurring payments remove the need for large upfront capital expenditure. Partnering with a trusted physical security provider will ensure delivery of a future-proof system that\u2019s capable of high levels of security while unlocking powerful business intelligence. Managers will benefit from insight into staff movement around the premises and adherence to health and safety protocols for complete peace of mind.\n\nThe evolving threat landscape and the broad range of challenges that the future will bring is something that all companies must consider. Fortunately, cloud-enabled physical security now appears to sit firmly on the agenda. For the banking and finance industry, VSaaS and ACaaS provide a flexible security and business solution that will enable them to meet ever evolving demands and confidently face the future.\n\nFor further insights on VSaaS and ACaaS adoption in Europe, download Morphean's whitepaper:\n\nLandscape Report 2020\/21: Hosted Security adoption in Europe<\/a>\n\nwww.morphean.com<\/a>","post_title":"Opinion | Improving banking security and operations through innovations in cloud","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"opinion-improving-banking-security-and-operations-through-innovations-in-cloud","to_ping":"","pinged":"","post_modified":"2021-05-14 16:19:05","post_modified_gmt":"2021-05-14 15:19:05","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6132","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":6070,"post_author":"48","post_date":"2021-05-12 13:00:28","post_date_gmt":"2021-05-12 12:00:28","post_content":"\n

Employee safety is a top priority in retail stores, bank branches, and similar applications. Using Bosch's method of integrating the intrusion system's panic buttons or bill trap sensors with the radio dispatch system, this can provide added security by alerting security personnel to high-risk situations.<\/p>\n\n\n\n

\nhttps:\/\/www.youtube.com\/watch?v=-Erg_9Y9y28&ab_channel=BoschSecurityandSafetySystems\n<\/div><\/figure>\n\n\n\n

https:\/\/www.boschsecurity.com\/gb\/en\/<\/a><\/p>\n","post_title":"Bosch Security Systems | Assuring employee safety","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bosch-security-systems-assuring-employee-safety","to_ping":"","pinged":"","post_modified":"2022-07-11 20:22:00","post_modified_gmt":"2022-07-11 19:22:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=6070","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5921,"post_author":"3","post_date":"2021-04-30 17:35:38","post_date_gmt":"2021-04-30 16:35:38","post_content":"Reiknistofa bankanna (RB), an IT service provider for Icelandic financial institutions, has recently overhauled its security infrastructure with Genetec Security Center. Following a project from systems integrator Hafnes Ehf, RB is now using Genetec to manage its cameras, access control and video analytics through a single interface.\n\nRB is a provider of mission-critical IT systems for Icelandic financial institutions, responsible for the country\u2019s central clearance and settlement system, and a number of multi-tenant core banking solutions. RB places a very high importance on security, not only to ensure its data stays safe, but also to protect employees and visiting clients. While its server rooms and offices were protected via disparate video and access control systems, the technology was old, and maintenance was becoming both a financial and an operational burden.\n\nRB operates its solutions across multiple data centres in a shared, multi-bank environment. This requires a system that brings video and access control into a single solution. As an open unified platform, Genetec Security Center was reportedly chosen as it simplified daily security operations, allowed for further integration with other tools such as RB\u2019s heating and cooling systems, and delivered business-wide value.\n\n\u201cFrom day one we wanted a unified system which could help our teams understand the situation quickly; alerting them if anything required their attention,\u201d said Geir S\u00e6mundsson, Datacentre Manager at Reiknistofa bankanna. \u201cThe Genetec solution does just this and is allowing us to build-in customised alerts so we gain business intelligence \u2013 providing us with better ROI.\u201d\n\n\u201cPhysical security teams are demanding simplicity and greater functionality,\u201d added Anthonie van der Ploeg, Director of Sales for Benelux & Nordics at Genetec. \u201cUnification can offer them both by bringing together all security system components seamlessly in a single software platform in a way that can vastly improve security management. We are delighted that Iceland\u2019s Reiknistofa Bankanna has experienced the deep business insights Genetec Security Center is capable of delivering and we look forward to supporting them as they evolve and grow their operations.\u201d\n\n\u201cThe time savings delivered by Genetec have been immense,\u201d concluded S\u00e6mundsson. \u201cIt\u2019s been a worthwhile investment, especially as it can evolve with us, and allows us to move at our chosen speed. Considering its ease of use, deep integration and leading analytics, we look forward to continuing the partnership over the coming years.\u201d\n\nwww.genetec.com<\/a>","post_title":"Genetec protects Iceland\u2019s financial services backbone","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"genetec-protects-icelands-financial-services-backbone","to_ping":"","pinged":"","post_modified":"2023-01-23 10:33:37","post_modified_gmt":"2023-01-23 10:33:37","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5921","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":5156,"post_author":"3","post_date":"2021-03-04 08:47:26","post_date_gmt":"2021-03-04 08:47:26","post_content":"Bothwell Exchange, a new construction commercial space in Glasgow, Scotland, has installed an array of Boon Edam\u2019s Speedlane Slide optical turnstiles in the lobby and two TQA automatic revolving doors at the main entrance to control access.\n\nBothwell Exchange is a 9-storey, 155,000 sq. ft. commercial building located at 122 Waterloo Street in Glasgow, Scotland\u2019s International Financial Services District (IFSD). The location houses various international banking giants, as well as a gym, a kitchen and other amenities for employees. Architectural firm Michael Laird Associates led the design of the project, to create modern design with an open, column-free look and feel.\n\nWhen the project was completed, Bothwell Exchange was named the first development in Scotland to achieve the Platinum Wiredscore Certification, demonstrating that the building goes above and beyond to meet its tenants\u2019 connectivity needs. Bothwell Exchange was also awarded a BREEAM Excellent Rating, a performance standard which measures a building\u2019s sustainable value in a series of categories, ranging from energy to ecology.\n\nThe architects wanted to incorporate an automatic revolving door into the entrance of the building. Revolving doors are \u201calways open, always closed,\u201d meaning that no matter the position of the door, there is always a seal between the outside environment and the interior building. This helps save on energy costs and lobby space, without slowing down traffic. In consideration of these benefits, it was decided that the Bothwell Exchange entrance would consist of two automatic, 4-wing TQA revolving doors finished in 316 stainless steel. Additionally, for added security after hours, each door was outfitted with an external night sliding door set that completely seals the throat opening and can be locked to deter intruders.\n\nDuring the construction phase of building design, the architects communicated a need to incorporate security measures into the open lobby without impairing the flow of traffic in and out of the building. After a discussion around the estimated traffic needs of the building, the team decided to install a four-lane array of Speedlane Slide optical turnstiles to control unauthorised entry while still allowing 20-30 people per lane to enter each minute. To handle multiple types of traffic, the turnstile array was comprised of three standard-width lanes and one ADA-width lane. The wide lane would accommodate both employee traffic and the occasional wheelchair or delivery.\n\nwww.boonedam.com<\/a>","post_title":"Bothwell Exchange installs Boon Edam turnstiles and revolving doors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"bothwell-exchange-installs-boon-edam-turnstiles-and-revolving-doors","to_ping":"","pinged":"","post_modified":"2021-03-04 08:47:30","post_modified_gmt":"2021-03-04 08:47:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=5156","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4810,"post_author":"3","post_date":"2021-02-03 15:16:33","post_date_gmt":"2021-02-03 15:16:33","post_content":"Dahua Technology UK and Ireland has created a feature-rich virtual experience dubbed the Virtual Innovation Centre as a way to counter the continued absence of face-to-face trade events during the pandemic.\n\nThe innovation centre features immersive virtual reality, where visitors are able to walk through a pavilion and see Dahua\u2019s latest product and technology innovations. Visitors can select an automatic tour of the entire pavilion to get an overview on what is on offer, with the option of stopping at particular exhibits to drill down to the level of detail they require. Alternatively, visitors can navigate the pavilion at their own pace, stopping off wherever they like. Users can visit the site around the clock, and there is no limit to the number of times it can be accessed.\n\n\u201cWe are thrilled by the launch of our Virtual Innovation Centre, which has been carefully planned and designed to give users the optimum experience from the comfort and safety of their own homes or offices,\u201d said Michael Lawrence, Marketing Director for Dahua UK & Ireland. \u201cIt is the closest thing visitors can get to a live physical exhibition, but with the addition of a wealth of multimedia and online content.\u201d\n\nExhibits include: video solutions with AI learning capabilities; a range of temperature monitoring solutions including TMAC, Dahua\u2019s contactless temperature monitoring access control system; smart home and smart retail applications; and video intercom solutions. There are also areas dedicated to specific vertical applications such as smart transport, safe cities, smart retail and smart banking.\n\nvirtual-innovation-centre.dahuasecuritysolutions.co.uk<\/a>","post_title":"Dahua UK and Ireland launches virtual innovation centre","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"dahua-uk-and-ireland-launches-virtual-innovation-centre","to_ping":"","pinged":"","post_modified":"2021-02-03 15:16:35","post_modified_gmt":"2021-02-03 15:16:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4810","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4801,"post_author":"3","post_date":"2021-02-03 09:41:54","post_date_gmt":"2021-02-03 09:41:54","post_content":"Ping Identity has launched PingOne Verify, a cloud service that helps enterprises verify their customers\u2019 identities for rapid account onboarding, authentication and fraud prevention. The new service is the latest addition to Ping Identity\u2019s suite of cloud services for identity and access management (IAM).\n\n\u201cEnterprises need individuals to verify their identity to prevent fraud, but if the verification process is too cumbersome, they risk losing customers in their first interactions with the business,\u201d said Andre Durand, CEO and founder of Ping Identity. \u201cPingOne Verify is a simple way to verify identities that meets all of an enterprise\u2019s security requirements, while giving customers a streamlined, passwordless, onboarding experience.\u201d\n\nPingOne Verify enables enterprises to embed identity verification directly into their customer-facing mobile app. Customers provide live-capture selfies along with an image of their government-issued identification card, such as a driver\u2019s license or passport. The technology leverages \u2018liveness detection\u2019, in which customers\u2019 facial gestures \u2013 like smiling and straight-faced \u2013 are captured in a continuous stream, rather than a single static image, allowing PingOne Verify to ensure the end-user is a real, live person who is able to follow instructions.\n\nThe system uses facial recognition technology to match the live-face capture with the customer\u2019s image on their government ID. Once it is determined to be a match, PingOne Verify then taps into external data services to validate the government ID is not tampered with or modified. The service connects a customer\u2019s verified identity to their mobile device during the initial verification, bypassing the need to scan a government ID on subsequent verifications. The manufacturer states that this approach can lower the overall cost of identity verification for enterprises without impacting security.\n\nPing Identity believes its new service is ideal for companies in regulated industries, such as financial services and insurance, which have strict Know Your Customer (KYC) requirements. The risk level during the first interaction with a customer has high potential for fraudulent activity or account takeover. PingOne Verify could help these enterprises make sure that they are engaging with the right customers from the very first interaction.\n\nwww.pingidentity.com<\/a>","post_title":"Ping Identity launches identity verification service","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"ping-identity-launches-identity-verification-service","to_ping":"","pinged":"","post_modified":"2021-02-03 09:42:00","post_modified_gmt":"2021-02-03 09:42:00","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4801","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4739,"post_author":"3","post_date":"2021-01-30 02:27:00","post_date_gmt":"2021-01-30 02:27:00","post_content":"Software-Defined Trust specialists MagicCube has been appointed to the Board of Advisors at the PCI Security Standards Council (PCI SSC), whose role helps to ensure the security of card payment systems and determines international standards. MagicCube\u2019s CTO and co-founder, Nancy Zayed, will sit on the board.\n\n\u201cThe Board of Advisors provides industry expertise and perspectives that influence and shape the development of PCI Security Standards and programmes,\u201d said Lance J Johnson, PCI SSC Executive Director. \u201cWe look forward to working with MagicCube in our efforts to help organisations secure payment data globally.\u201d\n\nMagicCube\u2019s appointment is the first of a startup to the Board, which includes the likes of Amazon, JPMorganChase, Citi and PayPal, and the first of a Software-Defined Trust (SDT) platform designed for payments.\n\n\u201cWe rely on input from the Board of Advisors to develop data security standards and programmes that help businesses globally detect, mitigate and prevent cyberattacks and breaches,\u201d said Troy Leach, PCI SSC SVP Engagement Officer. \u201cWe\u2019re pleased to have MagicCube on the PCI SSC Board of Advisors to provide critical insights and help us build on the great efforts that are already being done to increase payment security globally.\u201d\n\n\u201cWe\u2019re extremely proud to have been elected to join the PCI Security Standards Council\u2019s Board of Advisors to continue our work on advising in the development of the PCI Security Standards,\u201d said Zayed. \u201cWe are hoping to share and contribute our experience in providing innovative provable software security technologies designed to come to par with hardware-based security yet competes with it in terms of practicality and ease of adoption, therefore enriching solutions\u2019 availability and extending optionality and speeds of adoption. Our objective of working within the Council to create and advance the standards for adopting new security technologies delivers on the Council\u2019s mission of maintaining the same high level of security of large volume of transactions across the many forms and configurations of payment platforms.\u201d\n\nwww.magiccube.co<\/a>","post_title":"MagicCube appointed to PCI Security Standards Council Board of Advisors","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"magiccube-appointed-to-pci-security-standards-council-board-of-advisors","to_ping":"","pinged":"","post_modified":"2021-01-29 16:34:21","post_modified_gmt":"2021-01-29 16:34:21","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4739","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4516,"post_author":"3","post_date":"2021-01-11 10:23:32","post_date_gmt":"2021-01-11 10:23:32","post_content":"A third-party file sharing service used by the Reserve Bank of New Zealand \u2013 Te P\u016btea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.\n\n\u201cWe are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,\u201d said Orr. \u201cThis includes the GCSB\u2019s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn\u2019t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.\u201d\n\nThe bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.\n\n\u201cOur core functions and New Zealand\u2019s financial system remain sound, and Te P\u016btea Matua is open for business. This includes our markets operations and management of the cash and payments systems,\u201d concluded Orr.\n\nwww.rbnz.govt.nz<\/a>","post_title":"Reserve Bank of New Zealand suffers data breach","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"reserve-bank-of-new-zealand-suffers-data-breach","to_ping":"","pinged":"","post_modified":"2021-01-11 10:23:35","post_modified_gmt":"2021-01-11 10:23:35","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4516","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4205,"post_author":"3","post_date":"2020-12-09 12:09:02","post_date_gmt":"2020-12-09 12:09:02","post_content":"Idemia has signed a deal with Rocker to enhance contactless payment security for the blue-chip Swedish FinTech and bank challenger. The agreement will see Idemia\u2019s F.CODE biometric payment cards undergo a proof of concept with Rocker customers during the first quarter of 2021.\n\n\u201cAs a bank challenger, we are constantly testing new technology to develop smarter financial services that are easier to use and that help our customers improve their everyday financial lives,\u201d stated Jonas Hultin, Chief Product Officer and one of Rocker\u2019s three founders. \u201cWe are moving at a high pace to provide new and attractive innovations to customers. Launching biometric F.CODE debit cards is part of our strategy to offer smart and secure payment solutions across platforms, whether you wish to pay with your mobile, a card or with a transfer. In doing so, we are first in Sweden and one of the first in the world to offer this payment technology for consumers.\u201d\n\nThe deal marks the first ever-biometric card proof of concept in Northern Europe and will see payments using the card fingerprint-checked in store. The F.CODE payment card adopts a biometric authentication procedure making transactions quicker, more hygienic and more secure as cardholders no longer need to enter a PIN or sign. The solution ensures security by storing all biometric credentials only in the chip on the card, rather than in a remote database.\n\nThe battery-free card that will be rolled out in mid-2021 following the proof of concept is powered by the payment terminal and is designed to be user-friendly. Rocker aims to offer the F.CODE card as a new service in its growing offering of retail financial services that are easier to use, more flexible and better priced. The proof of concept will be completed by the first quarter of 2021.\n\n\u201cWe are proud to partner with Rocker and to shape the future of payments, hand in hand with a FinTech at the cutting edge of innovation,\u201d said Amanda Gourbault, IDEMIA\u2019s Executive Vice-President Financial Institutions. \u201cWe are delighted to ensure an innovative yet seamless experience to Rocker\u2019s customers thanks to the use of biometrics.\u201d\n\nwww.idemia.com<\/a>","post_title":"Idemia partners with Rocker to offer the first biometric card in Sweden","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"idemia-partners-with-rocker-to-offer-the-first-biometric-card-in-sweden","to_ping":"","pinged":"","post_modified":"2022-12-14 16:10:48","post_modified_gmt":"2022-12-14 16:10:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4205","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4155,"post_author":"3","post_date":"2020-12-04 15:36:00","post_date_gmt":"2020-12-04 15:36:00","post_content":"

Thales has launched the Gemalto Intelligent Double-sided ID Card Reader CR5400i, a product it describes as the world\u2019s only double-sided ID card reader and the first to be able to examine ID cards or driving licenses in the cloud in less than four seconds.<\/p>\n

The manufacturer states that its reader protects businesses from fraud and forgery thanks to sophisticated mechanisms for superior document authentication. The \u201ci\u201d version permits multiple intelligent readers to be centrally connected via Wi-Fi for organisations that need to deploy a fleet of readers. The compact device can also be set up, managed and serviced remotely.<\/p>\n

To use the device, a user inserts their ID card into the reader which reads both sides of the card simultaneously. Once this action is complete, a LED changes from blue to green and the ID is ejected and returned to its owner with no physical interaction between the user and operator.<\/p>\n

\u201cAt Thales we are committed to bring both convenience and security to the ID verification process. With the new double-sided reader the user experience is smooth while the service provider can fight ID fraud benefitting from a flexible and easy-to-integrate solution,\u201d said James MacLean Director of Document Reading Solutions at Thales. \u201cIn addition, the Covid-19 context has brought new challenges that Thales\u2019 intelligent ID card reader answers with its touch-free feature.\u201d<\/p>\n

www.thalesgroup.com<\/a><\/p>\n \n\n ","post_title":"Thales unveils double-sided ID card reader","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"thales-unveils-double-sided-id-card-reader","to_ping":"","pinged":"","post_modified":"2020-12-03 17:38:48","post_modified_gmt":"2020-12-03 17:38:48","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4155","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4079,"post_author":"3","post_date":"2020-11-27 17:28:17","post_date_gmt":"2020-11-27 17:28:17","post_content":"The Australian Prudential Regulation Authority (APRA) has released its Cyber Security Strategy for 2020 to 2024. The strategy seeks to lift cybersecurity standards further and introduce heightened accountability where companies fail to meet their legally binding requirements. Most notably, it also aims to extend APRA\u2019s reach beyond its regulated entities to influence the broader eco-system of suppliers and providers they rely upon.\n\nIn a speech to the Financial Services Assurance Forum, APRA Executive Board Member Geoff Summerhayes stated: \u201cTo date, no APRA-regulated bank, insurer or superannuation fund has suffered a material cyber breach, but our view that it\u2019s only a matter of time until a major incident occurs hasn\u2019t changed. Although the financial industry takes cyber risk seriously, there is room for improvement. For example, too many boards still lack visibility or understanding of the problems, while internal audit functions can lack the specialist skills to challenge boards and management to plug urgent gaps.\u201d\n\nThe new strategy builds on APRA\u2019s previous strategic initiatives including the delivery of its information security prudential standard and prudential guidance, and establishing a notification and response process for material cyber incidents.\n\n\u201cThe Strategy has been informed by extensive consultation with the Department of Home Affairs, as well as Treasury, ASIC and the Reserve Bank of Australia, and is designed to complement Australia\u2019s Cyber Security Strategy 2020,\u201d explained Summerhayes. \u201cOur mission is to make a step change in Australia\u2019s financial system cyber resilience. Our vision is for a financial system that can stand firm against cyber-attacks.\u201d\n\nThe Strategy comprises three primary focus areas. First is to establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices. The second priority is to enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. The final branch of APRA\u2019s new strategy is to rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system.\n\n\u201cAs the threat posed by domestic and international cyber adversaries grows, along with the potential impact of a successful attack, we must remain on guard and continue to build our defences,\u201d concluded Summerhayes. \u201cIn an environment where an attack on one of us could be an attack on any of us, we are all \u2013 governments, regulators, organisations and individuals \u2013 links in a chain \u2013 and we are in this battle together. By sharing information and expertise, pooling resources and taking prompt action to plug gaps and fix weak links, we create a community of cyber defenders that is greater than the sum of its parts. In doing so, we help to keep the chain as strong as possible, and lock out those who would do us harm.\u201d\n\nwww.apra.gov.au<\/a>","post_title":"APRA releases new cybersecurity strategy","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"apra-releases-new-cybersecurity-strategy","to_ping":"","pinged":"","post_modified":"2020-11-27 17:28:22","post_modified_gmt":"2020-11-27 17:28:22","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4079","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":4000,"post_author":"3","post_date":"2020-11-17 13:49:56","post_date_gmt":"2020-11-17 13:49:56","post_content":"ESET researchers have discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus as South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.\n\n\u201cTo understand this novel supply-chain attack, you should be aware that Wizvera VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When Wizvera VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation,\u201d explained Anton Cherepanov, ESET researcher who led the investigation into the attack. \u201cUsually this software is used by government and banking websites in South Korea. For some of these websites it\u2019s mandatory to have Wizvera VeraPort installed.\u201d\n\n\u201cWhile the Wizvera software does exhibit security maturity and offers a safeguard to cyber threats, it only does what the configuration file instructs,\u201d observed Boris Cipot, senior security engineer at Synopsys. \u201cIn other words, the file informs Wizvera on which software it should install. All that hackers had to do was find the websites that were easiest to breach. Once breached, the attacker could then replace legitimate binaries with malicious ones. This enables Wizvera to install malicious software on visitors\u2019 devices.\u201d\n\nAdditionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. One of these certificates was issued to the US branch of a South Korean security company. \u201cThe attackers camouflaged the Lazarus malware samples as legitimate software. These samples have similar file names, icons and resources as legitimate South Korean software,\u201d says Peter K\u00e1lnai, ESET researcher who analysed the Lazarus attack with Cherepanov. \u201cIt\u2019s the combination of compromised websites with Wizvera VeraPort support and specific VeraPort configuration options that allows attackers to perform this attack.\u201d\n\n\u201cWhat has transpired here highlights how cybersecurity does not operate within a vacuum,\u201d added Stuart Sharp, VP of Technical Services at OneLogin. \u201cMaintaining good cybersecurity requires keeping an eye on the basics, and ensuring that the organisations you partner with in the supply chain do as well - as the saying goes, your security is only as strong as your weakest link. In this instance, the South Korean government should ensure that the software manager verifies the owner of the certificate, and that all organisations within their supply chain are adhering to a standard set of cyber hygiene rules as well as performing regular security audits. This is particularly true if they are requiring users to download software to access certain services.\u201d\n\n\u201cThis attack by Lazarus group is yet another example of how cybercriminals will try to compromise the supply chain at any weak spot to gain access,\u201d agreed Javvad Malik, Security Awareness Advocate at KnowBe4. \u201cIt's therefore essential that all organisations have effective and robust security controls in place to maintain the integrity of their supply chains and the security of transactions which take place across them. We saw Petya ransomware spread through most of Ukraine due to a compromised tax filing software. Government departments in particular need to keep a close eye on mandatory software or portals which, if compromised, can quickly have large impacts.\u201d\n\n\u201cThis is yet another case of cybercriminals finding loopholes in security procedures,\u201d concluded Cipot. \u201cBased on feedback from ESET researchers, the easiest prevention of such an attack would be to provide hashes on the binaries in the configuration files. That way, the binary cannot be installed if the hashes do not match. Unfortunately, skipping this extra security step has allowed attackers to abuse the otherwise robust system. We see this often, where misconfiguration can lead to significant consequences. While typically we hear about instances of misconfigured S3 buckets, in this case, it was a misconfigured instruction file.\u201d\n\nwww.eset.com<\/a>","post_title":"ESET Research discovers Lazarus attack in South Korea","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"eset-research-discovers-lazarus-attack-in-south-korea","to_ping":"","pinged":"","post_modified":"2020-11-17 13:49:59","post_modified_gmt":"2020-11-17 13:49:59","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=4000","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3655,"post_author":"3","post_date":"2020-10-21 17:06:04","post_date_gmt":"2020-10-21 16:06:04","post_content":"

HID Global has been working with banking software manufacturer Temenos to expand the features of its multi-factor authentication solution that are available to Temenos Infinity users. HID\u2019s risk-based authentication solution is pre-integrated with Temenos\u2019 digital front office product, Infinity.<\/p>\n

<\/p>\n

\u201cHID is committed to helping Temenos customers meet today\u2019s extraordinary demand for safe and secure access to mobile and online banking services as a result of the current global health crisis,\u201d said Brad Jarvis, Vice President and Managing Director of the Identity & Access Management Solutions with HID Global. \u201cWe are ensuring that Temenos Infinity users can benefit from the broadest range of capabilities in our risk-based authentication solution, from onboarding and transaction signing through self-service and management.\u201d<\/p>\n

<\/p>\n

HID\u2019s offering supports the latest Temenos Infinity capabilities through its HID ActivID Authentication Platform featuring the HID Risk Management Solution with real-time risk profiling technology. Temenos Infinity users now benefit from a wide range of options for authentication and onboarding, including static passwords, multiple types of One Time Passwords (OTPs) and FIDO hardware authenticators, and mobile push notification leveraging public key cryptography. In addition to this, further capabilities include <\/a>pre-integrated HID Identity Verification Service capabilities that simplify and enhance digital identity self-service and management while increasing administrative visibility.<\/p>\n

<\/p>\n

\u201cAs the leader in banking software, we know that the need for modern digital banking in this \u2018New Normal\u2019 will be greater than ever,\u201d said James Holland, Director of Product Security with Temenos. \u201cTemenos is helping banks support today\u2019s surge in digital banking volumes while also ensuring that these interactions are secure at every point, including the consumer\u2019s device where they are initiated.  We welcome these new capabilities from HID Global.\u201d<\/p>\n

<\/p>\n

<\/p>\n

www.hidglobal.com<\/a><\/p>","post_title":"HID Global expands multi-factor authentication features for Temenos Infinity","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"hid-global-expands-multi-factor-authentication-features-for-temenos-infinity","to_ping":"","pinged":"","post_modified":"2023-01-23 10:57:39","post_modified_gmt":"2023-01-23 10:57:39","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3655","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3642,"post_author":"3","post_date":"2020-10-21 11:14:26","post_date_gmt":"2020-10-21 10:14:26","post_content":"

Mastercard has partnered with IDEMIA and MatchMove for its first pilot in Asia of a biometric card that uses a fingerprint to authorise transactions at in-store payment terminals. The card, with the product name F.CODE Easy, is said to make transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, thereby reducing touch points in public places.<\/p>\n

<\/p>\n

Developed by IDEMIA in accordance with Mastercard\u2019s technical and design specifications, F.CODE Easy stores all biometric credentials on the card chip rather than a central database. The battery-free card, which harvests energy from payment terminals to power its fingerprint sensor, is designed to be user-friendly and is certified to ISO standards by Mastercard for security and compliance.<\/p>\n

<\/p>\n

MatchMove, a Banking as a Service provider in Singapore, will issue the biometric cards for the pilot in the fourth quarter of 2020. The pilot will feature employees of Mastercard, IDEMIA and MatchMove using the cards for transactions and live demonstrations for customers.<\/p>\n

<\/p>\n

\u201cAs people make a permanent move to contactless transactions, the biometric card promises more choice and greater security for consumers,\u201d said Matthew Driver, Executive Vice President, Services, Asia Pacific, Mastercard. \u201cWith Mastercard\u2019s focus on digital commerce, this solution is a testament to the innovative partnerships Mastercard cultivates and its mission to provide fast, frictionless payment experiences that are protected at every point.\u201d<\/p>\n

<\/p>\n

\u201cWe are proud to celebrate this milestone on our journey to shaping the future of payments into one powered by biometrics,\u201d said Vincent Mouret, Senior Vice President of Financial Institutions Asia Pacific at IDEMIA. \u201cWe are delighted to partner with Mastercard and MatchMove to launch F.CODE Easy in Asia and we look forward to continuing to work together to provide end-to-end security for fintechs.\u201d<\/p>\n

<\/p>\n

\u201cWe are excited to partner with IDEMIA and Mastercard to pioneer cutting-edge solutions that empower our customers to make safe and secure payments,\u201d said Amar Abrol, Chief Commercial Officer at MatchMove. \u201cBy leveraging F.CODE Easy, we can enable multiple use cases for our clients who in turn create greater value and utility for their customers, employees, suppliers and partners. We look forward to working together and introducing new innovative solutions to the market.\u201d<\/p>\n

<\/p>\n

www.idemia.com<\/a><\/p>","post_title":"Mastercard, IDEMIA and MatchMove pilot biometric Card in Asia","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"mastercard-idemia-and-matchmove-pilot-biometric-card-in-asia","to_ping":"","pinged":"","post_modified":"2022-12-14 16:11:10","post_modified_gmt":"2022-12-14 16:11:10","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3642","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"},{"ID":3400,"post_author":"3","post_date":"2020-10-16 17:52:28","post_date_gmt":"2020-10-16 16:52:28","post_content":"Zimperium discusses the security and privacy issues found in 400 mobile banking and payment apps distributed in the EMEA region.","post_title":"Security and risk findings in the top 400 EMEA mobile banking apps","post_excerpt":"","post_status":"publish","comment_status":"open","ping_status":"open","post_password":"","post_name":"security-and-risk-findings-in-the-top-400-emea-mobile-banking-apps","to_ping":"","pinged":"","post_modified":"2020-10-16 17:52:30","post_modified_gmt":"2020-10-16 16:52:30","post_content_filtered":"","post_parent":0,"guid":"http:\/\/securityonscre.wpenginepowered.com\/?p=3400","menu_order":0,"post_type":"post","post_mime_type":"","comment_count":"0","filter":"raw"}],"next":false,"prev":false,"total_page":1},"paged":1,"column_class":"jeg_col_2o3","class":"epic_block_14"};

\n