6. Why do we need this?
Usernames & Passwords can be stolen!
• Phishing attacks
• Same credentials across apps
• Key-loggers
• Educated guesses, social engineering
2FA prevents attackers from accessing your account even if they obtain your username and password.
Mandated in Version 3.2 of the PCI Data Security Standard
10. What can we add?
Who You Are (Biometric)
Physical Biometric
▸ immutable and unique
• Facial recognition
• Iris Scan
• Retinal Scan
• Fingerprint Palm Scan
• Voice
• Liveliness biometric factors include: Pulse. CAPTCHA; etc
Behavioral/Biometric
• based on person’s physical behavioural activity patterns
• Keyboard signature
• Voice
What you know
• User Name and Password (UN/PW)
• A passphrase
• a PIN
• An answer to a secret question
What you have
• One Time Password (OTP)
• Smart card
• X.509 and PKI
• Rarely used alone
• Used in combination with UN/PW and a PIN
What you do
• Browsing patterns
• Time of access
• Type of device
• Used in combination with other methods
Context
• Location; Time of access
• Subscriber identity module (SIM)
• Frequency of access
• Used with other methods
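An added illustration of the factor groups above (not part of the original slides): a check that a login is really multi-factor, meaning it presents authenticators from at least two different primary groups, with behavioural and context signals only supplementing them. The authenticator names, the function name and the two-group rule as coded here are assumptions.

```python
# Added example. Group names follow the slide; authenticator keys are
# hypothetical labels chosen for this illustration.
PRIMARY = {
    "password": "know", "passphrase": "know", "pin": "know",
    "secret_question": "know",
    "otp": "have", "smart_card": "have", "x509_cert": "have",
    "fingerprint": "are", "iris_scan": "are", "face": "are",
}
# The slide marks these as "used with other methods": never enough alone.
SUPPORTING = {
    "keyboard_signature": "do", "browsing_pattern": "do",
    "location": "context", "time_of_access": "context",
    "device_type": "context",
}


def evaluate_login(presented):
    """Return (is_multi_factor, primary_groups, reasons) for one login."""
    unknown = sorted(a for a in presented
                     if a not in PRIMARY and a not in SUPPORTING)
    if unknown:
        # Fail closed on anything the policy does not recognise.
        return False, set(), ["unrecognised authenticator: " + ", ".join(unknown)]
    groups = {PRIMARY[a] for a in presented if a in PRIMARY}
    reasons = []
    if not groups:
        reasons.append("only supporting signals presented")
    elif len(groups) < 2:
        # e.g. password + secret question: two secrets, still one factor.
        reasons.append("all primary authenticators are '%s'" % next(iter(groups)))
    return len(groups) >= 2, groups, reasons


if __name__ == "__main__":
    # Constructed sample logins, not real data.
    samples = [
        ["password"],                             # stolen credentials only
        ["password", "secret_question"],          # two items, one group
        ["password", "location", "device_type"],  # context does not add a factor
        ["password", "otp"],                      # know + have
        ["smart_card", "pin"],                    # have + know
    ]
    for s in samples:
        ok, groups, reasons = evaluate_login(s)
        print(s, "->", "MFA" if ok else "NOT MFA", sorted(groups), reasons)
```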
15. Highlights
▸ Feb 1 2018
▸ Multi Factor authentication for everyone
▸ Need to protect both console and non console based access
▸ New requirements 10.8 and 10.8.1 outline that service providers need to detect and report on failures of critical security control systems
▸ New requirement 11.3.4.1 indicates that service providers need to perform penetration testing on segmentation controls every six months
20. THANK YOU!
Any questions?
You can find more about us at:
Onion ID – The Next Generation of Privilege Management
www.onionid.com , sales@onionid.com
Tel: +1-888-315-4745
https://calendly.com/anirban/enterprise-demo/