Secure by design – solving online fraud through better user experiences


YARMOUTH, Maine — In 2022, a hacker breached the network of Medibank, an Australia-based healthcare provider, resulting in the theft of 9.7 million people’s private data for consumption on the internet.

How did this data breach occur? According to reports, an IT contractor with access to the passwords and credentials of multiple accounts had malware on their PC, giving bad actors access to Medibank’s systems. It was an egregious error that, according to the Australian Information Commissioner (AIC), could have been prevented if the company had required multifactor authentication (MFA).

However, some people, like Dan Pinto, challenge that assessment and call for better security through design.

“The traditional mindset around security in many organizations has been focused solely on maximizing protection, often at the expense of user experience,” Pinto said. “The assumption has been that security and convenience are inherently at odds — that you have to sacrifice one to optimize the other. I believe this is an outdated way of thinking.”

Pinto is the CEO and co-founder of Fingerprint, which calls itself the world’s most accurate device identifier. The company champions helping other companies with their data security and fighting the ongoing battle against online fraud. For Pinto, the solution to better security lies in ease of use.

“Users today expect seamless, frictionless experiences,” he said. “Overly burdensome security measures, like frequent two-factor authentication inputs, breed user frustration and disengagement. Poorly implemented security controls like flawed OAuth configurations can directly lead to data breaches, completely undermining the intended security benefits.”

He continues, “Technology leaders need to embrace a ‘secure by design’ mindset, proactively integrating robust security into software design from the beginning in order to enhance user experience, rather than bolting it on as an afterthought. This involves a few key principles:”

1. Prioritize user experience as heavily as you do security. Make them equal design goals, not competing priorities.

2. Leverage modern,…
