When trying to protect customer accounts, managing risk is a hot topic within organizations. In order to build and maintain customer loyalty, providing the best user experience is a high priority. But the best user experience can leave an organization at risk. Managing risk isn’t always about making threat models better or reducing false positives. In some cases you want to add friction when in...
“The ability to put security into the context of the user and in the flow of their regular interactions with your service makes it less necessary for you to have millions of security engineers to monitor what’s going on, because some of that is now in the hands of the consumer where they are able to make those better decisions.” ~ Adrian Ludwig, Atlassian Getting Users Involved In...
Since posting my most recent blog on “I Am An Account Takeover Victim,” I have had many people respond to me with similar stories. All of them named very well known brands that we are familiar with–companies offering global movie streaming, food delivery services, online software, banking, and more. Everyone ranted about the significant amount of time and frustration they went through...
How an organization handles an Account Takeover can have a significant impact on consumer trust and retention. Recently I became a victim and the response has made me re-think about my loyalty to this brand. Here’s what happened: “Email address/account does not exist.” I enter my username and password again and receive the same message. I try password reset and get the same message...