Posted by:
admin
15 years, 12 months ago
I already did some predications over on IDWorld. Of course, if I were afraid to fail I would have a real job. Here are more predictions for 2006:- Phishers, having focused on Europe recently, will again focus on the US with more sophisticated tools.
- Attackers will increasingly target corporations for their HR databases for identity information.
- Strong Authentication will get a big boost from banks, but also from corporations that deploy SSL-based VPNs.
- Web 2.0 and Identity management will meet in 2006 resulting in lots of
discussions about privacy, enterprise vs individual identities etc. Slowly, people will realize that it's really employee vs customers as enterprises will always be providing the services. - People will start talking about permission-based identity services such as a service that will require a users' permission to check a credit report. these ideas will go nowhere because of incentive issues.
- Federated two-factor systems offered by the hardware token vendors will fail miserably. A combination of costs and privacy concerns will kill them, despite signing up one or two high-profile clients whose customers reject it a la Passport.
- 2006 will once again not be the year of biometrics or certificates.
- Someone will come up with an aggregator of user-centric universal identifiers. They will raise a bunch of VC money and fail.
- Confederated identity will take off. This is where a user maintains a handful of identity services and only uses services that support one of those systems. Registration pages are removed in favor of RSS-esque buttons that indicate support various identity services, such as Infocards, which get
- GYMA (Google, Yahoo, Microsoft, AOL) and ebay into the identity game.
- Patent issues with SAML will hamper it's adoption by the GYMA crew.
- Mutual authentication becomes a must have for all financial websites.
- Brokerage accounts will increasingly be targeted by phishers and fraudsters.
- Digital signing and/or transaction authentication will become a hot-topic again as banks and brokerage houses look to thwart session-hijacking trojans.
- Another payment processor will get the death penalty from Mastercard and Visa for a violation of their PCI standards.
- One of the credit reporting agencies will get in hot water for a breach, again.
I suspect the vast majority of these are wrong or that many have already happened and i just forgot.
Share on Twitter Share on Facebook
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)