Blog - Secret Double Octopus

What’s the difference between authentication and authorization?

In order to protect sensitive data and operations from unwanted access by intruders and malicious actors, developers integrated authentication and authorization features into their applications. Whether you’re running a banking app, a social media website or a blogging platform, these are the two key functionalities that will seal your application against security incidents. While the two terms are often used interchangeably, authentication and authorization represent [...]

By Secret Double Octopus Staff| 2017-09-19T11:34:11+00:00 September 19th, 2017|Blog|

The NIST guidelines and what they mean for the future of SMS authentication

The inherent weaknesses in SMS authentication are demonstrated time and again.

By Samuel Siskind| 2017-09-12T17:50:04+00:00 September 12th, 2017|Blog|

Inherent security flaws of single-sign-ons

The popularity of identity management single sign-on solutions

By Secret Double Octopus Staff| 2017-09-14T11:19:42+00:00 September 7th, 2017|News|

SS7 – Yet Another Achilles Heal for SMS Authentication

A series of recent bank fraud hacks throughout Germany highlights the inefficiency of SMS as a second authentication method.

By Samuel Siskind| 2017-09-14T11:55:19+00:00 September 6th, 2017|Blog|

The password needs to die and better UX will kill it

With all their drawbacks, passwords have remained popular mostly because people are used to them. User experience, it turns out, is a major driver of security for users.

By Secret Double Octopus Staff| 2017-09-14T12:02:34+00:00 September 2nd, 2017|News|

What you need to know about the General Data Protection Regulations

GDPR is a major concern for CISO’s. Companies will have to be more transparent about the type of data they collect on individuals, how that data is used, and when personal information is exposed in a breach.

By Samuel Siskind| 2017-09-14T12:05:53+00:00 August 31st, 2017|Blog|

No-password login: The frictionless and secure alternatives to passwords

Providing secure and easy-to-use authentication and login mechanisms should be one of the main goals every online service pursues. Unfortunately, passwords, the traditional method to protect online accounts and keep intruders out, are becoming less reliable and more cumbersome to maintain, both for users as well as service providers. The industry has become in desperate need for a no-password option. Where to go from here? [...]

By Amit Rahav| 2017-09-14T12:07:25+00:00 August 22nd, 2017|Blog|

The Case for the Secret Sharing Scheme

The new paradigm of password-free login, based on ‘secret sharing’; an advanced mathematical algorithm to protect data, is the answer for the emerging challenges of authentication and identity protection.

By Amit Rahav| 2017-09-14T12:13:22+00:00 August 16th, 2017|Blog|

Passwords: The Relic of Cyber Security

The Password is dead. Mobile push-based authentication, which enables users to sign on to services with one action, and without passwords, is more effective both in terms of security and user experience

By Secret Double Octopus Staff| 2017-09-14T12:14:58+00:00 August 16th, 2017|News|

New European payment regs leave banks holding the bag

New EU bank regulations will drastically effect security protocols for online banking, and increase responsibility for individual institutions.

By Secret Double Octopus Staff| 2017-09-14T12:18:37+00:00 August 7th, 2017|News|

About us