Improving Phishing Prevention with ID Authentication

When two parties need to ensure the other party is trusted, digital signatures are great. The shared key is established after both parties have been authenticated, but the initial authentication is essential to the transaction.Using a shared secret or out-of-band authentication method only verifies an account holder. But what if the account was set up fraudulently? Authenticating digital signatures with out-of-wallet KBA (knowledge based authentication) ensures proper verification of all parties involved.

Standardizing how e-mail receivers perform identity authentication is the main goal of DMARC (the Domain-based Message Authentication, Reporting and Conformance initiative). If you sign an outbound email and someone receives an email from a similar domain but you havent signed it, they should know to reject it. The problem is, DMARC only blocks e-mails if theres a corresponding DMARC record and the signature doesnt match. If there is no record, the email is sent.

There are a few technical challenges and solutions in combating phishing.One of the most prevalent solutions is a digital signature, but they do come with inherent roadblocks. A lot of institutions are relying on old ways like end-user education, training, web-filtering black lists and hiring services and organizations to help take down phish. There is also a problem with consumers not knowing or caring where their e-mails come from. Attackers will keep coming back until an institution has taken proper measures. A lot of conventional phishing prevention practices assume DMARC is the answer and they wont need to do anything to contribute to the monitoring and authentication.

To overcome these challenges we recommend your institution build the right countermeasure by identifying the sources and the nature of each phishing attack. Using big data will allow you to potentially tie together the financial loss to specific phishing sites and enhance your business fraud prevention.

[Contributed by EVS Marketing]