Questions about protecting user identity

Abrar Siddiqui, Vice President of Engineering at Callsign discusses user identity protection

Users have become increasingly frustrated with passwords, they are difficult to remember and we find that we often have to reset them just to transact with organisations. So much so, that 73% of consumers are wondering why they continue to interact with a business when authenticating online is so difficult.

A lot of this frustration stems from traditional authentication methods where a pin code is sent to the user via SMS to complete the sign-in process. SMS channels were not designed for authentication purposes and are easily compromised. Analog methods such as passwords were not designed for the digital world, and simply digitising an authentication method creates an inherently flawed authenticator. SMS codes also create unnecessary friction and along with a password doesn’t prove that the person is the authorised individual they claim to be. Fraudsters using stolen credentials looks like the genuine user.

Fraudsters are familiar with all these flaws, and without the proper controls in place, they may be just a click away from stealing from an unwitting individual. The UAE has long been attractive for hackers due to the country’s perceived wealth. Around 83% of the UAE companies are seeing an increase in cybercrime attacks through phishing, email spam, malware, etc.

However, companies can take steps to protect their business and their customers from fraudsters. To do so, they need to ask themselves and answer a series of questions when looking at the authentication process to make sure that they know who they are interacting with beyond doubt.

Is the session secure?

This is the first question security leaders should ask themselves, even before looking into a user’s identity. There are instances where scammers use man-in-the-middle attacks to gather information from unsuspecting users through an unsecured website.

By tracking unusual traffic, businesses can detect compromised sessions and secure a user’s digital identity before it’s too late.

Are you engaging with a real human?

Once a session is secure, companies must ask “am I engaging with a real human?” to ensure the user is not a bot.

When someone hears “bot” it’s rarely associated with something good. In the past, bots have made headlines by altering consumers’ perception of the media and even competing with humans. Currently, bot use accounts for 64% of Internet traffic, 39% of which is made up of malicious bots that read information and perform malicious activities.

These bad bots may be engineered to conduct a reverse brute force attack that utilizes stolen information from a data breach, and forces millions of login and password combinations into the system until a match is found. Instead of relying on a CAPTCHA to confirm whether users are human, companies can use behavioural biometrics to passively determine if someone’s physical interactions with a device align with human characteristics.

To read more exclusive features and latest news please see our March issue here.

Media contact

Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: [email protected]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Copyright: Security Buyer

ASIS UK Launches “Security is You(th)” Hackathon

ASIS International UK has launched Security is You(th), an initiative designed to engage students and early-career professionals…
Image provided by Veeam

AI and Ransomware: Cutting Through the Hype

Rick Vanover, Vice President Product Strategy, Veeam discusses how It might be the great paradox: Artificial Intelligence (AI)….
Copyright: Security Buyer

AmiViz Partners with Titania

AmiViz announced a strategic distribution agreement with Titania. This collaboration underscores a shared commitment to enhancing…
Oil and Gas

Navigating Africa’s Oil & Gas Industry

A comprehensive analysis of security strategies in Africa’s oil and gas industry, covering physical, cyber, and remote surveillance measures.
blackhat

Black Hat Europe Starts Soon

Black Hat Europe starts Monday and now is the perfect time to start planning your experience. With a full lineup of Keynotes…

VIVOTEK’s All-in-One Software Boosts Operational Efficiency for Enterprises

As demand for high-efficiency security systems rises among large enterprises, the global leading…
Assa Abloy website

WTC Amsterdam enhances security and efficiency with digital access solution

The World Trade Center (WTC) Amsterdam, home to over 300 companies, has upgraded its building security with a streamlined, digital access solution from ASSA ABLOY.
John Maddison website

Fortinet launches Lacework FortiCNAPP to enhance cloud-native security

In an advancement in cybersecurity, Fortinet has announced Lacework FortiCNAPP, providing organisations with visibility and security.
GITEX Global 2024 website

GITEX GLOBAL 2024: AI revolution drives strategic tech innovation

GITEX GLOBAL 2024 concluded on Friday, showcasing artificial intelligence (AI) as a transformative force driving business and economic growth
Scroll to Top