This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Putting One-Time Passwords Out to Pasture
The one-time password — OTP for short — was an ingenious cybersecurity stopgap that worked for a while. But fraud never sleeps, and they’ve cracked the OTP code.
It’s taken on such an important role in identity verification that fraud fighters must now evolve again with innovation to the next barrier to trip up fraudsters. Entersekt Chief Strategy Officer Dewald Nolte and John Ainsworth, president and CEO of credit union service organization (CUSO) Bonifii, joined PYMNTS’ Karen Webster to discuss what the next moves will be.
As to why OTPs are no longer the digital deterrent they once were, Nolte put it down to changing technologies and the sophistication of fraudsters. “If you’re in the security business, you have to evolve. Fraudsters keep changing tactics. Over time, you learn where vulnerabilities are. And if we look at the SMS one-time password, the reality of it is this technology hasn’t changed in any meaningful way over the last two decades.”