The consensus among major research firms (Gartner, NIST, Thales) is that we are entering an era of “Identity Fragility,” where the existing vulnerabilities in MFA Authentication methods are being industrialized by increasingly sophisticated and more easily usable deep fake AI tools.
This is compounded by global political uncertainty with the incentive for antagonistic nation states to sponsor offensive Cyber-attacks.
Multi-factor authentication (MFA) will remain essential over 2026–2027, but attackers are already bypassing it at scale by exploiting the seams around tokens, devices, enrolment, and users rather than breaking the underlying cryptography. ***Click Here for the White Paper ***
MFAs are not what they are cracked up to be
MFA products are not all that they are cracked up to be; a lot are cracked.Android malware can steal Google Authenticator 2FA codes! A new version of the "Cerberus" Android banking trojan will be able to steal one-time codes generated by the Google Authenticator app...
Chinese hacker group caught bypassing RSA SecurID
Fox-IT say they found evidence that a group known as APT20, believed to operate on the behest of the Beijing government has been bypassing RSA two-factor authentication in a recent wave of attacks. “We have identified victims of this actor in 10 countries, in...
High Grade, full featured Identity Platform
We are delighted to have early picked out the attractive approach ( open source, open standards, rich functionality ) of WSO2. We have completed a closely coupled CASQUE integration with their Identity Server. The combination provides a high grade, fully featured,...
Identity Assurance Positioning
This document summaries the reasons for the positioning dispositions of various authentication methods and their associated Identity Management Capabilities. Written with the admitted selected bias of the author but the arguments are sound and defensible - click to...
High Grade Identity Assurance for the Cloud
This presentation shows how CASQUE provides Enterprise owned and controlled, high grade, federated, Identity Assurance for Web Applications Click to access the pdf presentation
Securing Applications using WSO2 Identity Server and CASQUE
WSO2 Identity Server is an extensible, open source solution to federate and manage identities across both Enterprise and Cloud environments including APIs, mobile, and Internet of Things devices, regardless of the standards on which they are based. The Identity...
Technology Partnership Announced
Pleased to announce that ObjectTech will use CASQUE SNR to protect access to their Identity Systems. ObjectTech is one of 5 young companies Forbes expects to make an impact on the world that are ones to watch in 2019 and beyond. Click for more details
The Case against Adaptive Authentication
We believe the fashionable trend for “Adaptive Authentication” where Identity is determined by a software only technique based on the User’s “Use Profile” is flawed both in design principle and operation. The Whitepaper details the weaknesses in this approach and...
CASQUE SNR adds High Grade Identity Assurance to CISCO ASA
Organisations may want to utilise Cloud resources provided by AWS, Google Cloud or Azure but want to own and operationally control their Identity Access. There is a trend to offer “Virtual Appliances” - software versions of previously dedicated hardware gateway units...
UK Government issues minimum cyber security standards
These cyber-security standards which will now be incorporated into the Government Functional Standard for Security, obliging government departments and suppliers to comply. “Multi-factor authentication shall be used where technically possible, such as where...