This document discusses identity theft and data security. It begins by explaining how personal data is bought and sold online and the costs associated with different types of personal information. It then discusses a major data breach at Equifax that exposed 143 million consumer records. The effects of such a breach include loss of trust, leadership issues, and a need for early detection and prevention of identity theft. Moving forward, the document argues that identity protection services will be important to block theft and clean up the effects of any future breaches.

1. A New Generation of
Finance
A New Generation of
Finance
Presented by Ariel Saghiv

2. Tarya © 2018, Ariel Saghiv
PRESS RELEASE
$4,000,000,000 VALUATION LOSS

3. A NEW MINDSET FOR DATA SECURITY IS NEEDED
IF ORGANIZATIONS ARE TO STAY AHEAD OF THE ATTACKERS

4. A New Generation of
Finance

5. Tarya © 2018, Ariel Saghiv
-750
BC

6. Tarya © 2018, Ariel Saghiv
2016

7. Tarya © 2018, Ariel Saghiv

8. How it works

9. Our Golden Standard for Privacy
GOLDEN
STANDARD
All data is stored on Tarya’s dedicated
servers which are
• Protected by state-of-the-art Cyber
Defense Systems - made by our
internal intelligence team consisting of
former 8200 members.
• Constantly updated and improved
through Attack Surface Analysis
The strictest compliance with numerous
local and international standards:
• ISO 27001 information security
compliance and certification
• Enforcing the Israeli Privacy Act
• Supervised by the Capital Market
and Insurance Authority
Implementing regulatory, electronic and physical security methods to keep personal
information safe.

10. Should WE be worried?
You

11. Tarya © 2018, Ariel Saghiv
Identity Theft
The fraudulent acquisition and use of a person's private
identifying information, usually for financial gain.
 Virus
 Worm
 Malicious code
 Social Engineering

12. Tarya © 2018, Ariel Saghiv

13. Tarya © 2018, Ariel Saghiv
A Growing Trend
 16.7 million people were affected
with identity fraud in the USA alone
 16.8 billion US$ were stolen!
(Increase 12% from 2016)
 Social security numbers are highly popular
(exceeded credit card number theft)
Javelin Strategy & Research (2017)

14. Tarya © 2018, Ariel Saghiv
https://breachlevelindex.com (2018 H1)

15. Tarya © 2018, Ariel Saghiv
https://breachlevelindex.com (2018 H1)

16. Tarya © 2018, Ariel Saghiv
TYPE OF ID FRAUD THAT CAN IMPACT YOU AND NEEDS
PROTECTION:
49% 16% 10% 6% 4% 3%
Gov’t Documents &
Benefit Information
Credit Cards Phone & Utilities Bank Documents Loan Information
Employee Related
Information
Other – 19% Personal documents pertaining to an individual’s assets or identity
What is Being Stolen?

17. Tarya © 2018, Ariel Saghiv
Opening new credit card or bank accounts in
your name using your $$
Requesting Medical service in
your name
Forging your signature on blank
checks
Buying a car (home, etc.)
by taking out a loan in your name
Authorizing ATM transfers
Giving your name to the police
during an arrest…
WHAT THIEVES ARE DOING
WITH THIS INFORMATION

18. Tarya © 2018, Ariel Saghiv
$1
Drivers license
$20 $100-$400 $20-$200 $20
Social security
number
Diplomas Online payment
services login info
Loyalty accounts
$1000 -
$2000
$5-$110 $1 $1-$10 $1-$1000
Passports (US)
General non-
financial institution
logins
Subscription
services
Medical records
Credit or debit card
(credit cards are more
popular)
It Doesn’t Cost Much Either…

19. Tarya © 2018, Ariel Saghiv
Online Payment Services Account Information
Value depends on the balance of the account
$400-$1000 Balance is worth $20-$50!
$1000-$2500 Balance is worth $50-$120!
2500-$5000 Balance is worth $120-$200!

20. © 2014 TARYA– Proprietary & Confidential

21. Tarya © 2018, Ariel Saghiv
Marketplace
• 90% sold on the dark web
• Tor (*.onion) web sites that have multiple identities
• Identity of the seller and buyer is anonymous

22. Tarya © 2018, Ariel Saghiv

23. © 2014 TARYA– Proprietary & Confidential

24. Tarya © 2018, Ariel Saghiv
Consumers’ Reaction to a Data Breach
48% 33% 19%
MUST BE CONVINCED THE
PROBLEM WAS FIXED
(BEFORE RESUMING BUSINESS)
WOULD
CONTINUE TO DO
BUSINESS
WOULD NO LONGER
CONDUCT BUSINESS
KPMG, Consumer Loss Barometer 2016

25. Tarya © 2018, Ariel Saghiv
Social
Networks
Online
Services
Honest
Users Attackers
REGULATION
EDUCATION / TOOLS LAW ENFORCEMENT
Asymmetry of an Online World

26. Case Study - Equifax Breach
Breach = “Shaming”

27. Tarya © 2018, Ariel Saghiv
143 Million consumers private data records hacked!
– Names
– social security numbers
– birth dates
– home addresses
– driver's license numbers
– 209,000 consumers credit cards
– Tax identification numbers

28. © 2014 TARYA– Proprietary & Confidential
Equifax Breach

29. Tarya © 2018, Ariel Saghiv
Equifax Breach
• Equifax utilized Apache struts for an online dispute portal designed for
customers to log issues with credit reports
• The vulnerability exploited was CVE-2017-5638 - an arbitrary
command execution vulnerability within Apache Struts.

30. © 2014 TARYA– Proprietary & Confidential

31. © 2014 TARYA– Proprietary & Confidential

32. Tarya © 2018, Ariel Saghiv
Breach = “Shaming”
►Leadership
►Management Responsibility
►Transparency
►Organizational Ethics
►Commitment to the Customer

33. From Breach Prevention to Breach Acceptance

34. Tarya © 2018, Ariel Saghiv

35. Tarya © 2018, Ariel Saghiv
THE FUTURE
►Early Warning on identity theft
(What was stolen? What can be done?)
►Blocking Identity theft (as a service)
►Cleanup (after the breach has occurred)
►Trust - currency of the future
The Future
3

36. © 2014 TARYA– Proprietary & Confidential

37. Tarya © 2018, Ariel Saghiv
Identity Protection Products

38. Tarya © 2018, Ariel Saghiv

39. Tarya © 2018, Ariel Saghiv

40. Thank you
www.tarya.co.il