Pat Carroll's latest blog on Finextra
is reproduced below:
We now live in the age dominated by social media networking channels in which people feel compelled to tell the world intimate details of their daily lives. This inevitably leads to a tendency to over-share which can cause a whole range of issues, from burglars being able to target the houses of those on holiday, to others unwittingly sharing their telephone number, banking details and security questions online.
Within the past week the LinkedIn data breach issue has appeared in news headlines where more than 6 million encrypted passwords were posted on the web for other hackers to decipher.
The particular problem here is that a lot of information about ourselves is stored on social media sites like LinkedIn and Facebook, so unfortunately, the LinkedIn issue is unlikely to be an isolated incident, especially because it is common practice for people to use the same password for a variety of social media accounts. In reality no one is going to have several hard to remember passwords for all their accounts!
Although we may not be able to prevent criminals from stealing our data, we can stop them from using it to access our bank accounts and guessing answers to our security questions.
If anything, the LinkedIn issue has highlighted that a simple password is now a redundant, unsuitable security method. Social media sites need to start working more closely with security and fraud specialists to build an invisible layer of security so users can log onto their accounts in a more secure way, without having to take five long minutes to do so.
One way in which we can do this is by moving towards voice biometrics for authentication. A voice print, being a dynamic biometric is difficult for an imposter to replicate and therefore plays an important role in a multi-layered approach to authentication, but a voice print can also be screened in real-time against a known database of fraudsters’ voice prints.
It would be great to hear your views on this issue.