Skip to main content

VOICE AUTHENTICATION

 ARCHANGEL from PT SYDECO

Benoit Grunemwald Cyber security expert, ESET France, in an article published in Globalsecuritymag.fr and entitled AI used by cybercriminals to thwart voice authentication, has just reacted to the discovery by computer scientists at the University of Waterloo of an attack method that would make it possible to bypass security systems using voice authentication with a success rate of almost 99%.

It is concerned about the consequences that this discovery may have when it comes to financial accounts, which it points out "often tend to offer this multifactor authentication layer", and suggests other means of authentication such as "security keys and authentication applications on the grounds that they would be more secure".

Personally, I think that any authentication system is good as long as it is not self-sufficient. In other words, any system is good as long as it is accompanied by a second authentication system, especially if this uses a different access route.

The second authentication system may also consist of another application, provided that it is not installed on the same medium as that used for the first authentication, which offers no guarantee of security if the medium is itself contaminated.

Not only must the second authentication system be used from a different medium that the user has at hand, but it must also be carried out, at the request of the party requiring it, after receipt of the first authentication.

In my opinion, the best authentication system is one that combines two-fold user intervention and a hardware element that is unique to the user and with which he or she cannot interfere.

It was for this three-element authentication system that we opted for SSP©. Secure System of Payment, PT SYDECO's mobile payment solution.

Finally, using a secure connection via a professional VPN, one that not only masks the origin of the call to bypass censorship, but also effectively protects communications, will do no harm, quite the contrary, if the VPN server itself is highly secure, as is the case with ARCHANGEL©2.0 VPN.

It's the eternal dilemma: choose security or ease. These are two attitudes that do not go hand in hand, but sacrificing security for convenience can be very costly.

Similarly, sacrificing prevention for the sake of economy is an unwise choice when you know the damage that a cyber attack can cause.

#Cybersecurity #Authentication #VPN #payment #SSP #Archangel #Sydeco


L’AUTHENTIFICATION VOCALE

Benoit Grunemwald Expert en Cyber sécurité, ESET France, dans un article  publié dans Globalsecuritymag.fr et intitulé  L’IA au service des cybercriminels pour déjouer l’authentification vocale, vient de réagir à la découverte par des informaticiens de l’université de Waterloo d’une méthode d’attaque qui permettrait de contourner les systèmes de sécurité par authentification vocale avec un taux de réussite de près de 100%.

Il s’inquiete des consequences que cette decouverte peut avoir quand il s’agit de comptes financiers lesquels souligne t-il « ont souvent tendance à offrir cette couche d’authentification multifactorielle » et de suggérer d’autre moyens d’authentification tels « les clés de sécurité et les applications d’authentification au motif qu’ils seraient plus sûrs ».

Personnellement je pense que tout système d’authentification est bon pour autant qu’il ne se suffise pas à lui-même. En d’autres mots s’il est accompagné d’un second système d’authentification mais qui utilise une autre voie d’accès ou un autre support.

Le second système d’authentification peut également consister en une autre application à condition toutefois qu’elle ne soit pas installée sur le même support que celui utilisé pour la première authentification, laquelle n’offre aucune garantie de sécurité si le support est lui-même contaminé.

Non seulement le second système d’authentification doit être utilisé au départ d’un support différent que l’utilisateur a, à portée de main, mais encore doit-il être effectué, à la demande de la partie qui la requiert, après réception de la première authentification.

Pour moi, le meilleur système d’authentification est celui qui combine une double intervention de l’utilisateur et un élément matériel qui lui est propre et avec lequel il ne peut interférer.

C’est pour ce système à trois éléments d’authentification que nous avons opté pour SSP©. Secure System of Payment, la solution de paiement mobile de PT SYDECO.

Enfin, l’utilisation d’une connexion securisee par un VPN ne fera aucun mal, que du contraire, si le serveur du VPN est lui-meme hautement securise comme c’est le cas du VPN d’ARCHANGEL©2.0.

C’est l’éternel dilemme : choisir la sécurité ou la facilité. Il s’agit de deux attitudes qui ne vont pas de paire, mais sacrifier la sécurité au profit de la facilité peut s’avérer très couteux.

De même celui de sacrifier la prevention pour des motifs d’economie est un choix peu judicieux quand on connait les degats qu’une cyber attaque peut causer.


Comments

Post a Comment

Popular posts from this blog

 Hospital Security in Question In a recent article titled "Cyberattacks: Public and Private Hospitals, Is the Worst Yet to Come?", Jean-Michel Tavernier1 provides a detailed analysis of why the medical sector is a prime target for hackers. He highlights the vulnerabilities that allow hackers to access sensitive data such as medical records, insurance information, and payment details. The compromise of this data can have severe consequences for individuals' privacy, financial security, and even personal safety, not to mention the financial damage to institutions and the risks to the quality of care provided to patients. System Vulnerabilities Tavernier points to the "excessive interdependence of the entire healthcare chain." Hospitals collaborate with a multitude of interconnected providers and partners, creating numerous opportunities for attackers. He suggests managing the attack surface (ASM), which means controlling and securing all entry points where unautho...
Post a Comment
Read more
                                                                     ERRARE HUMANUM EST   The Inescapable Nature of Human Error and Its Implications in Cybersecurity To err is human; one could even say it is a defining characteristic of humanity. Who has never made a mistake, whether out of distraction, ignorance, or because it was provoked? No one is immune to making mistakes, and most of the time, they are forgivable, even if their consequences can be very damaging. However, the fundamental, unforgivable error is doing nothing to avoid situations that lead to mistakes. Thus, to minimize errors due to distraction, one should avoid multitasking (for example, a surgeon operating should not be distracted by a nurse recounting her latest adventures) and refrain from performing actio...
Post a Comment
Read more

KEUANGAN & DATA PRIBADI PEMAIN GAME ONLINE DALAM BAHAYA

Melindungi Gamer Online: Memahami Risiko dan Solusi Dalam beberapa tahun terakhir, dunia game online telah mengalami pertumbuhan eksponensial, sejalan dengan meningkatnya nilai aset game. Namun, lonjakan popularitas ini juga membawa segudang risiko yang mengancam para pemain dan operator. Dari upaya peretasan dan pencurian akun hingga transaksi yang tidak sah dan eksploitasi data, bahaya yang mengintai di dunia digital selalu ada. Mengingat tantangan-tantangan ini, sangat penting untuk menjelaskan pentingnya langkah-langkah perlindungan yang kuat dan solusi inovatif. Memahami Lanskap Aset game, yang terdiri dari mata uang virtual, item, dan akun, adalah sumber kehidupan ekonomi game online. Nilainya melampaui ranah virtual, bahkan sering kali melampaui transaksi di dunia nyata. Meskipun demikian, perlindungan konsumen tradisional yang diberikan oleh layanan perbankan dan pembayaran tidak ada di ranah game. Operator platform game sering kali mengadopsi pendekatan laissez-faire, membuat ...
Post a Comment
Read more