Aspect SDM http://aspect-sdm.org/ Wed, 21 Jul 2021 13:56:28 +0000 en-US hourly 1 https://wordpress.org/?v=5.8 https://aspect-sdm.org/wp-content/uploads/2021/06/cropped-icon-32x32.png Aspect SDM http://aspect-sdm.org/ 32 32 Main challenges facing the fintech industry today and how to overcome them https://aspect-sdm.org/main-challenges-facing-the-fintech-industry-today-and-how-to-overcome-them/ https://aspect-sdm.org/main-challenges-facing-the-fintech-industry-today-and-how-to-overcome-them/#respond Wed, 21 Jul 2021 13:09:00 +0000 https://aspect-sdm.org/main-challenges-facing-the-fintech-industry-today-and-how-to-overcome-them/

In recent years, Fintech has brought about a big change, disrupting many industries, especially in the financial sector. It has improved many aspects of finance, such as money lending, payment processing, insurance, etc. This change resulted in a unique and seamless experience for users, helping customers understand and embrace Fintech without much effort.

But the majority of customers still choose more traditional financial institutions. Fintech, although making a technological revolution, has some issues and challenges ahead. Some of the biggest issues are lack of trust, poor transparency, security holes, and certain customer habits. In this article, we will go through these issues in detail and try to figure out how to overcome them.

What is FinTech?

Financial Technologies (Fintech) were created to replace or supplement traditional financial methods. These include software, algorithms, processes and business models. The main areas of almost all fintech applications include personal investment, commerce, banking, and insurance.

According to Market Analyzer, the global fintech market will be worth $ 26.5 trillion by 2022, with an average annual growth rate of 6%. Some of the reasons for this rapid growth are global economic growth, the increased need for credit and insurance, and the growing interest in investing.

Major challenges in 2021

Fintech faces four key obstacles. To ensure long-term success, businesses must do everything in their power to meet these challenges.

User privacy and security concerns

In Europe, the use of FinTech increased by 72% in 2020, accompanied by massive investments in Fintech. However, such improvement can be followed by unintended consequences, the most important of which are new security concerns. Cybercrime is on the rise, with new attacks occurring every 39 seconds. And unfortunately, fintech companies are one of the most common targets for hackers.

This shouldn’t come as a surprise – people are relying more and more on managing digital money, so fintech companies now have more valuable data to protect than ever before. Because of this, even large, reputable institutions, such as national credit bureaus and major Forex brokers, can suffer from data leakage. This was the case for Pepperstone, an Australian leader brokerage house whose customer data has been stolen in August 2020.

Keep abreast of modern technologies

According to a 2019 Gartner CIO Survey, over 50% of financial services CIOs believe that most businesses will operate through digital channels and that digital initiatives will generate more revenue and value, underscoring the importance of fintech trends going forward.

However, organizations that use outdated business management applications or disparate systems will not be able to keep pace with an increasingly digital technology-driven world.

Timothy Partasevitch, Director of Growth at Smart IT


In other words, digital transformation is not just a good idea, it is necessary for survival.

Technologies such as cloud computing, artificial intelligence, big data, and machine learning offer significant benefits to organizations looking to cut costs. At the same time, they increase customer satisfaction and the share of portfolios. However, the initial switch to such technology comes with additional costs and risks.

Software-as-a-Service and Platform-as-a-Service cloud computing enables organizations previously burdened with disparate legacy systems to simplify and standardize their IT infrastructure. In this way, banks and credit unions can reduce costs and improve data analysis while using advanced technology.

Artificial Intelligence (AI) offers a significant competitive advantage by providing a deep understanding of customer behavior and needs. This gives financial institutions the ability to sell the right product to the right customer at the right time. Additionally, AI software and big data in finance can provide critical organizational information needed to determine operational capabilities and maintain flexibility.

Software quality

Financial institutions that use the latest business technologies, especially cloud applications, have a significant advantage in the race for digital transformation: they can innovate faster. The power of cloud technologies lies in their flexibility and scalability. With no system hardware limiting flexibility, cloud technologies allow systems to grow with your business.

However, digital transformation is making companies more dependent on their software products, shifting the focus to innovations and fintech development. Some purely technical factors are starting to have a huge impact in business, namely:

Suggested articles

Viberate and Travala.com Team Up for Friendly Travel for Music Fans Go to Article >>

  • Quality of the application code, its flexibility, maintainability and scalability;
  • Overall system performance;
  • UX design and quality of customer-oriented features;
  • Security and scalability of the infrastructure;
  • Speed ​​of software development and bug fixes.

There are many other factors that come into play, and each of them can make a new product stand out from its competition or go dark. Successful fintech startups cannot exist without strong IT resources.

Industry regulations

Regulatory compliance has become one of the biggest challenges in the banking industry due to the dramatic increase in regulatory fees relative to profits and credit losses since the 2008 financial crisis.

From Basel risk-weighted capital requirements at Dodd-Frank Law, and the Financial Account Standards Board’s Current expected credit loss (CECL) at the Allowance for loan and rental losses (ALLL), there are a growing number of regulations that banks and unions must comply. Compliance can take a significant toll on a fintech bank’s resources and often depends on the ability to correlate data from disparate sources.

Solutions

There is no single panacea that can help you overcome all of the challenges mentioned above. However, here are some working solutions facilitating the evolution of Fintech startups to consider:

Implement innovative authentication processes

Imagine a world where users participate in the client authentication process only at the edge. No login, no password, no text confirmation code – customers open the app or log into mobile banking and do their daily banking.

However, in the background, complex algorithms are constantly running to ensure that the person using the device is who they say they are.

The algorithms test keystroke patterns and examine how the user slides across the screen when using US banking apps. It measures the speed at which the user walks, the height at which they hold their phone, the speed at which they speak. It examines the last places the user has been and where they are now. It brings up dozens of other user data points and determines if anything is out of the ordinary, for example in terms of fintech payments.

If the number of data points seems suspect, the algorithm activates the authentication process. The user can be prompted to take a selfie so that facial recognition software can verify their identity. They may be asked to provide a fingerprint. At this point, you can still use two-factor authentication to add a layer of security.

In this world, the user experience must be fluid and fluid. Security and confidence in customer authentication is high and ongoing. The number of cases of fraud and theft is reduced. And with this, user satisfaction increases dramatically. However, with that comes new privacy concerns, of course.

Outsource application development to experts

Creating an exceptional Fintech solution, including banking software, with great features and a high level of security, requires a lot of experience and dedication. Not every business can build a strong internal team to build an app. As a result, more and more companies are choosing to outsource financial technology software development to achieve functional and user-friendly applications.

A pre-assembled team of professionals allows you to start developing your application immediately. Plus, you won’t have to spend your budget on recruiting, training new employees, as well as paid time off. Outsourcing allows you to dramatically reduce costs in the long run, save on operating costs and, at the same time, achieve your goals and get things done quickly and efficiently.

Hire legal counsel

The consultant you hire should be your FinTech Evangelist. They are responsible for training, understanding, and working with you to ensure the solution meets your needs as an organization or corporate client. Consultants have in-depth knowledge of technology and markets, and they can spot trends in the FinTech landscape. And that information helps them understand possible solutions and identify opportunities on behalf of clients.

Conclusion

The future of fintech is clear: financial technology will take a significant market share. In fact, we are already seeing the growing popularity of Fintech, which may soon enter a cycle of hype as blockchain technology once did. However, creating a working financial solution that will be among the best fintech examples to look for requires more than a great idea. You need to quickly overcome the obstacles we have discussed so as not to slow down progress. Therefore, relying on professional help is a strategic approach towards better risk management and harmonious development.

Timothy Partasevitch is Director of Growth at Intelligent computing.

Source link

]]>
https://aspect-sdm.org/main-challenges-facing-the-fintech-industry-today-and-how-to-overcome-them/feed/ 0
Samsung Galaxy M21 2021 Edition launch: check price, features https://aspect-sdm.org/samsung-galaxy-m21-2021-edition-launch-check-price-features/ https://aspect-sdm.org/samsung-galaxy-m21-2021-edition-launch-check-price-features/#respond Wed, 21 Jul 2021 08:27:55 +0000 https://aspect-sdm.org/samsung-galaxy-m21-2021-edition-launch-check-price-features/

Samsung today launched the Galaxy M21 2021 Edition in India. The new model comes with small improvements over the existing Galaxy M21. These include triple rear cameras and contain a 6000mAh battery. There is also a teardrop style notch and two color options.

Samsung Galaxy M21 2021: Price and availability

The Samsung Galaxy M21 2021 edition will be priced at Rs 12,499 for the 4GB / 64GB variant and Rs 14,499 for the 6GB / 128GB variant. The phone will be available in two colors – Arctic Blue and Charcoal Black. The phone also has two SIM slots and comes with Android 11 with the One UI Core edition in addition.

The device will be available on Amazon India on July 26 as part of the Prime Day sale. The phone will also be available on Samsung’s website and other offline retailers nationwide. Customers who buy the phone from Amazon with HDFC cards will also get an instant 10% discount.

Samsung Galaxy M21 2021: Specifications

The Samsung Galaxy M21 2021 features a 6.4-inch FHD + AMOLED display with 19.5: 9 aspect ratio and a teardrop-shaped notch. The phone is powered by the Samsung Exynos 9611 chipset which was also present on the older variant.

There is a triple rear camera setup which includes a Samsung GM2 48MP main camera, 8MP ultralarge camera, and 5MP depth sensor. Up front is another 20MP camera for selfies and video calls.

Other features include a USB-C port and a 3.5mm headphone port. There is also a fingerprint sensor on the back of the phone. There is also a 6000mAh battery with 18W fast charging.

Source link

]]>
https://aspect-sdm.org/samsung-galaxy-m21-2021-edition-launch-check-price-features/feed/ 0
Thales biometric payment card offers users increased security and convenience https://aspect-sdm.org/thales-biometric-payment-card-offers-users-increased-security-and-convenience/ https://aspect-sdm.org/thales-biometric-payment-card-offers-users-increased-security-and-convenience/#respond Wed, 21 Jul 2021 02:15:13 +0000 https://aspect-sdm.org/thales-biometric-payment-card-offers-users-increased-security-and-convenience/

Payment cards are familiar products that are part of our daily lives. They have evolved rapidly in recent years with the emergence of contactless technology. At the heart of this process, Thales has helped banks constantly reinvent the card itself and offer the best payment experience. This new card, which incorporates a biometric sensor, offers users increased security and comfort. This latest generation of cards represents a key step in the payment space.

The contactless biometric card simplifies proximity payments and also offers an essential level of confidentiality and trust. The user’s fingerprint data is loaded onto the card via a simple and secure personal enrollment process, carried out from home or at a bank branch.

In addition, none of the biometric details used for registration are shared with a third party; the fingerprint in the card chip is only used to provide local authentication of the card holder during contactless payment. Neither the merchant nor the bank have access to the biometric data as it remains securely stored in the card chip.

In terms of security, the biometric card ultimately means that a lost or stolen card is useless without the owner’s fingerprint to authenticate a contactless transaction. In such trustworthy payment environments, it is not necessary to set a payment limit. In addition, when the cardholder’s fingerprint cannot be used – such as with cash withdrawals from ATMs – the use of a PIN code is still possible as a fallback solution.

The Thales EMV contactless biometric payment card is the only solution in the sector fully certified by the main EMV payment systems such as MasterCard and Visa. After a series of successful trials around the world, the solution has been marketed in several countries.

“After a test of the Thales biometric payment card and its positive results, we have now opened the offer to all our customers with complete peace of mind. This premium solution addresses several challenges such as convenience, security and contactless. A simple but rigorous registration process has been put in place at the branch so that biometric data never leaves the card. This is an essential prerequisite because we take the privacy of our customers’ data very seriously, ”said Jean-Marie Dragon, Head of Payments and Cards, BNP Paribas.

“The COVID-19 pandemic has pushed the tech industry to develop contactless solutions and indirectly resulted in higher transaction levels being processed without a second factor of authentication. The biometric payment card allows contactless payment for any amount while preserving the confidentiality of this very personal data, ”said Bertrand Knopf, SVP Banking and Payment Solutions at Thales.

Source link

]]>
https://aspect-sdm.org/thales-biometric-payment-card-offers-users-increased-security-and-convenience/feed/ 0
Amazon products to help you stay cool in hot weather https://aspect-sdm.org/amazon-products-to-help-you-stay-cool-in-hot-weather/ https://aspect-sdm.org/amazon-products-to-help-you-stay-cool-in-hot-weather/#respond Tue, 20 Jul 2021 21:46:50 +0000 https://aspect-sdm.org/amazon-products-to-help-you-stay-cool-in-hot-weather/

Ramekin eggs in the pressure cooker

While you will need a trio of eggs, heavy cream, and chives for this 5-minute recipe, you can swap the mushrooms for your favorite vegetable. (via Brit + Co)

Slow Cooker Hawaiian Ribs

Slow Cooker Hawaiian Ribs

You don’t need a grill to enjoy a barbecue. the slow cooker simmer ribs in hot sauce until they fall off the bone. Grill them just before serving to add irresistible caramel notes to your meal. (via Spicy Southern Kitchen)

Slow Cooker Asian Meatballs

Slow Cooker Asian Meatballs

The secret of these meatballs? They are not made from scratch – hush. The ridiculously tasty, ginger-honey the sauce compensates. (via The Diary of a True Housewife)

Red Wine Braised Beef Short Ribs

Red Wine Braised Beef Short Ribs After 15 minutes of preparation and eight hours on low heat, this elegant dinner-worthy meal can be yours. (via Tin Eats Recipe)

Slow Cooker Beef Stew

Slow Cooker Beef Stew

Tender pieces of beef, a complex broth, and full of salty vegetables means this stew is about to become a staple in your home. (via Food Lovin ‘Family)

Slow Cooker Ropa Vieja

Slow Cooker Ropa Vieja

Cuban-style minced beef swimming in a sauce with peppers, tomato, cumin, and Oregano is tasty enough to stand on its own. If you’ve got a little extra time, it’s even better when added to a bowl of beans, rice, and plantains. (via Roasted Root)

Slow Cooker Honey Garlic Chicken

Slow Cooker Honey Garlic Chicken

Avoid shipping costs and make a batch of honey Garlic slow cooker chicken this weekend instead. By the time you come back from a drink with the girls, you will have a delicious dinner waiting for you in your Crock-Pot. (via Family Food on the Table)

Slow cooker vegan tikka masala

Slow cooker vegan tikka masala Without meat to add a depth of savory flavor, many vegan dishes benefit from short, slow cooking times. It gives the ingredients and spices the opportunity to blend together, creating a fully developed flavor profile that will make you forget about the meat. (via Delish Knowledge)

Tacos al Pastor

Tacos al Pastor

Once you give these pigs and pineapple tacos to try, you might want them over and over again. The good news for you, preparing meat in a slow cooker means it’s virtually effortless to prepare. (via Give Me The Oven)

Butter chicken

Butter chicken It takes less time to prepare this chicken than it does to get to your local take out restaurant. (via Kitchen Sanctuary)

Slow cooker chicken enchilada soup

Slow cooker chicken enchilada soup You’ll have eight servings of Chicken enchilada soup to eat or save for later when you prepare this recipe, made in 10 minutes or less. (via Diet)

Marsala vegetable bowl

Marsala vegetable bowl

A little cooking wine can go far! This tasty and super simple slow cooker recipe will keep you healthy without the stress of cooking. (via Brit + Co)

Slow cooker mac and cheese

Slow cooker mac and cheese

The only thing better than the stove Mac is the slow cooker version. It’s hard to believe our favorite comfort food could get even creamier and more cheesy. (via Brit + Co)

Crock-Pot Lentil Bolognese

Crock-Pot Lentil Bolognese

Looking for a meatless alternative to this hot, simmering sauce? Lentils are the high protein and substantial answer you’ve been looking for! (via Simply Whipped)

spring roll

spring roll

This chicken, carrots, mushrooms, and the sweet and savory sauce combo is just the quick and delicious weekday ticket. (via Well Plated)

We love when dinner is quick and easy, which makes these recipes perfect for your next weekday dinner!

follow us on Pinterest for more slow cooker recipes!

This article has been updated from a previous post.

Source link

]]>
https://aspect-sdm.org/amazon-products-to-help-you-stay-cool-in-hot-weather/feed/ 0
UK plans to make digital ID ‘as reliable as passports’ https://aspect-sdm.org/uk-plans-to-make-digital-id-as-reliable-as-passports/ https://aspect-sdm.org/uk-plans-to-make-digital-id-as-reliable-as-passports/#respond Tue, 20 Jul 2021 17:52:29 +0000 https://aspect-sdm.org/uk-plans-to-make-digital-id-as-reliable-as-passports/

The UK government is planning a governing body to make digital identities “as reliable as passports” by increasing their legal status and introducing trust marks for digital identity products from private sector suppliers.

The release reveals details and preparations that provide a glimpse of what the UK’s future digital identity landscape could look like. Meanwhile, companies are investigating new biometric data for COVID-19 health passes and activists are concerned about new requirements for their use in the UK.

The Department of Digital, Culture, Media and Sports launched the “Digital Identity and Attributes Consultation” on the definition of digital identity and the creation of a body for digital identity as a that distinct identity type:

“This consultation calls for advice on how the digital identity system should work, including proposals for a governing body that will be responsible for ensuring that organizations comply with government rules on digital identity.”

The more informative press release that accompanies it describes the benefits of digital identity that the future organization hopes to achieve for potential technology that could be a “phone app or other web service.”

A digital ID would make proof of identity faster and cheaper than using physical identifying information and would help protect privacy, for example by proving the holder is over 18 without disclosing others. details such as name. (Work is already underway in the UK to introduce age verification for pornography and social media.)

The UK does not have an existing digital identity or national identity card. People rely on driver’s licenses and passports as well as programs such as the CitizenCard which works in conjunction with Yoti’s biometric identity app, popular among young people to enter the premises and buy fuel. ‘alcohol. It is estimated that nearly one in four Britons does not have traditional identity documents.

The government statement said the agency would have the power to issue an “easily recognized trust mark” to digital identity companies to certify that user data is handled securely. UK Digital Infrastructure Minister Matt Warman reportedly said: “The plans presented today will ensure that people can trust the app in their pocket as much as their passport when proving their identity. “

Right now, there is a suggestion of new powers to build digital identities on trusted data sets such as the DVLA for driver’s licenses and the General Register Office for birth certificates. More generally, there is a proposal to allow verification against government sources of information such as age or address.

For those who do not have existing identity documents, the statement said: “If someone does not have access to an official document, such as a passport, they may be able to prove their identity digitally via another government service, or other means such as proof from a doctor or other trustworthy source.

The statement already mentions that companies will have to report annually to the governing body on which users have been excluded from using their services.

“The use of digital identity will not be mandatory and people will retain the option of using available paper documents,” said the statement, which then underscored the government’s determination: “Just as the government has committed not to make digital identities mandatory in the UK, he also wants to ensure that in the future people will not be forced to use traditional identity documents, if these are not strictly required. “

Recent announcements such as the possibility that voters will need photo ID for future elections, a land register ID scheme, and a (problematic) app that allows EU citizens to verify their Identity could all provide further clues to the future of digital ID in the UK.

The statement was issued the same day the British Prime Minister announced that nightclubs and large indoor venues would require a vaccine pass to enter from September, once all adults had had the chance to check in. ” be fully vaccinated. It was the day he called “Freedom Day”. The next day, No.10 refused to rule out that COVID passports might also be needed to enter pubs, reports The Guardian.

Such requirements would require parliamentary approval, but add to concerns from privacy activists that the use of health passes could involve a certain amount of mission drift leading to an identification system. national.

Speaking to the Telegraph, Andrew Bud, chief executive of iProov, which provides facial verification for the NHS COVID Pass, said: ‘Like so many other things, COVID has moved the development of digital IDs from three to five years. “

The Telegraph reports that iProov alongside tech start-up Mvine received £ 75,000 (US $ 102,000) from Innovate UK to investigate COVID vaccine certificates and that US IT company Entrust, which received 250 £ 000 ($ 340,000) to develop software for the NHS COVID Pass said governments could “redeploy this effort into a national citizen identification program”.

The newspaper also reports that Yoti spent around £ 30,000 ($ 41,000) to fund the all-parliamentary group on digital identity.

Articles topics

biometrics | credentials | digital identity | identity document | identity verification | iProov | mobile application | confidentiality | regulation | United Kingdom | Yoti

Source link

]]>
https://aspect-sdm.org/uk-plans-to-make-digital-id-as-reliable-as-passports/feed/ 0
Connecticut Adopts Stricter Cyber ​​Security Data Breach Notification and Liability Statutes | Man’s pepper with trout https://aspect-sdm.org/connecticut-adopts-stricter-cyber-%e2%80%8b%e2%80%8bsecurity-data-breach-notification-and-liability-statutes-mans-pepper-with-trout/ https://aspect-sdm.org/connecticut-adopts-stricter-cyber-%e2%80%8b%e2%80%8bsecurity-data-breach-notification-and-liability-statutes-mans-pepper-with-trout/#respond Tue, 20 Jul 2021 17:44:31 +0000 https://aspect-sdm.org/connecticut-adopts-stricter-cyber-%e2%80%8b%e2%80%8bsecurity-data-breach-notification-and-liability-statutes-mans-pepper-with-trout/

introduction

The Connecticut legislature recently enacted two new data breach and cybersecurity laws – Public Act 21-59 and Public Act 21-119 – on June 16 and July 6, respectively. Both laws will come into effect on October 1 and will expand notification obligations for businesses experiencing a data security incident and provide business incentives for enhanced cybersecurity standards to protect personal information.

Public Law 21-59: Law relating to breaches of data confidentiality

Public Law 21-59 amends existing Connecticut data breach and cybersecurity law in three key areas. First, it expands the substantive definition of what constitutes “personal information” subject to legal protection. Second, it shortens the timeframe for reporting data breaches (subject to certain qualifications and exceptions, as explained in more detail below) and creates unique notification requirements for incidents involving a login credential violation. Third, it protects from public disclosure certain information provided in response to a Connecticut unfair trade practices investigation resulting from a data breach.

Extended Definition of “Personal Information”

Connecticut law previously defined “personal information” as a person’s first or initial and last name in combination with one or more of the following: (1) social security number; (2) driver’s license number; (3) state identity card number; (4) credit or debit card number; or (5) the financial account number associated with any password or security code that would allow access to this account.

Public Law 21-59 significantly expands this definition to include the following data elements:

  • Tax Identification Number;

  • IRS Identity Protection Personal Identification Number;

  • Passport number, military identification number or other government issued identification number used to verify identity (for example, Social Security number);

  • Information regarding medical history, mental or physical condition, or medical treatment or diagnosis by a healthcare professional;

  • Health insurance policy number, subscriber identification number or other number used by a medical insurer to identify the person;

  • Biometric information consisting of data generated by measurements of unique physical characteristics, such as fingerprint, voice print, retina or iris image, used to authenticate identity;

  • Username or email address in combination with a password or security code that would allow access to an online account.

Enhanced data breach notification requirements

Under Public Law 21-59, the time limit for reporting a data breach to affected individuals and the Connecticut Attorney General is shortened from 90 days to “without unreasonable delay, but not more than 60 days.” In the event that the notifying entity discovers additional persons after the reporting deadline, it is still required to act in good faith to notify these persons “as quickly as possible”. Additionally, if the entity determines that it cannot confirm the identity and notify all affected individuals within the new 60-day period, it must provide a preliminary replacement notice to all potentially affected individuals and follow up. by direct notice as soon as possible. The substitution notification consists of (1) an email notification (where the individual’s email address is known), (2) a “visible post” of the notification on the entity’s website (if applicable). ) and (3) “notification to major state media, including newspapers, radio and television.

In addition, public law 21-59 contains special rules applicable to incidents involving a violation of login credentials. A login credential violation notice may be provided by email (or other electronic means) asking the recipient to change their login credentials or take other steps to secure their account. However, if the receipt of the e-mail notification by the data subject cannot be verified, another form of notification should be used, or the person should receive a “clear and visible notice” while the person is “logged in. to the online account “that the person” usually accesses … “. While not expressly required by law, businesses may also consider forcing affected customers to change their passwords or other login information.

Notably, Public Law 21-59 provides that the data breach notification requirements apply to nobody who owns, authorizes or maintains computerized data that includes “personal information”, not just those that do so in the ordinary course of business. This broadens the applicability of the law’s prior notification requirements.

Exemption for HIPAA / HITECH Compliant Businesses

With two important exceptions, any entity subject to (and in compliance with) HIPAA and / or HITECH privacy and security standards is deemed to be in compliance with the notification obligations set out in Public Law 21-59. The exceptions are that (1) an entity required to notify Connecticut residents of a violation under HIPAA / HITECH must also notify the Attorney General when such residents are notified; and (2) whether the entity would have been required to provide identity protection or mitigation services under Connecticut law (for example, due to violation of a social security number), this requirement remains in effect. This provision attempts to remedy any confusion resulting from requirements and requirements contrary to state laws under HIPAA / HITECH.

Protecting data breach reports from access to information requests

Public Law 21-59 also provides privacy protections for companies responding to an investigation of alleged violations of Connecticut’s Unfair Business Practices Act resulting from a data breach. Public Law 21-59 recognizes that “documents, materials and information” provided in response to an investigation of a potential violation of the Connecticut law on unfair business practices resulting from a data breach are exempt disclosure requirements under under the Connecticut Freedom of Information Act. However, the Attorney General is authorized to make these documents, items and information available to third parties for investigative purposes.

Public Law 21-119: a law encouraging the adoption of cybersecurity standards for companies

Public law 21-119 aims to encourage companies to adopt more cybersecurity standards. Among other things, Public Law 21-119 allows companies that comply with certain industry-recognized cybersecurity practices to avoid punitive damages in any tort claim alleging a failure to implement “cybersecurity controls.” reasonable that resulted in a data breach relating to personal or restricted information ”. The immunity from punitive damages granted by public law 21-119 is, however, subject to some reservations.

First, protection against punitive damages is only available for tort claims “brought under the laws of Canada. [the state of Connecticut] or in court [of the state of Connecticut]. “Second, the entity must have complied with a written cybersecurity program which contains “administrative, technical and physical guarantees for the protection of personal or restricted information…”. Finally, the program must comply with one or more of the cybersecurity frameworks recognized by the industry and referenced in the law. These frameworks include the standards adopted by the National Institute of Standards and Technology (NIST), the Center for Internet Security (CIS) and the Payment Card Industry (PCI) Security Standards Council – and, for the companies concerned, the established security regulations. by HIPAA, HITECH, FISMA or GLBA. Entities will be deemed to comply with any subsequently amended or revised versions of the industry recognized frameworks listed in the law, provided that they comply with that amended or revised version within six months of its publication.

Conclusion

Connecticut’s updated data breach notification and cybersecurity statutes are in line with a growing trend in states seeking to protect personal information by expanding the definition of personally identifiable information and providing businesses with new tools to stay in compliance with the law and manage the risks associated with information security. and privacy.

The strengthened notification requirements and the expanded definition of “personal information” set out in Public Law 21-59 will force affected companies to step up their efforts to respond quickly and effectively to data breaches and other cybersecurity threats. To do this, companies should seriously consider reviewing and updating their incident response plans, improving their training and roundtable exercises, and having a roster of forensic consultants in place, d ‘external lawyers and media advisors to meet tight deadlines and manage their response.

The immunity from punitive damages granted by Public Law 21-119 should serve to galvanize potentially affected companies, as well as their general counsel, technical directors, risk managers and other privacy professionals to reassess and strengthen their policies. and information security procedures and adopt industry-recognized standards.

Finally, the exemption from compliance with Public Law 21-59 for entities already compliant with HIPAA and / or HITECH’s confidentiality and security obligations should improve efficiency and avoid confusion between state and federal standards, at the same time. less with regard to the covered entities in the healthcare sector. .

Connecticut isn’t the last state to improve its privacy and security laws. Alabama, Arizona, Illinois, Kentucky, Maryland, Massachusetts, Minnesota, New York, Pennsylvania, and Oklahoma all have pending legislation. Troutman Pepper’s Cyber ​​Security, Information Governance and Privacy Practice Group continues to monitor pending data breach and cybersecurity legislation and will issue updates and alerts to customers when new laws will be adopted.

Source link

]]>
https://aspect-sdm.org/connecticut-adopts-stricter-cyber-%e2%80%8b%e2%80%8bsecurity-data-breach-notification-and-liability-statutes-mans-pepper-with-trout/feed/ 0
These organizations use AI to reshape their operations in surprising ways https://aspect-sdm.org/these-organizations-use-ai-to-reshape-their-operations-in-surprising-ways/ https://aspect-sdm.org/these-organizations-use-ai-to-reshape-their-operations-in-surprising-ways/#respond Tue, 20 Jul 2021 14:47:44 +0000 https://aspect-sdm.org/these-organizations-use-ai-to-reshape-their-operations-in-surprising-ways/ From online dating to cybersecurity, AI regularly works behind the scenes in various aspects of our daily lives.

IMAGE: iStock / Maksim Tkachenko

Of smart infrastructure networks From reports written by robots, algorithms and artificial intelligence capabilities regularly work behind the scenes in various aspects of our daily lives. COVID-19 has only accelerated the adoption of automation across industries and Gartner called it “smarter, responsible [and] Scalable AI “as one of its best Data and Analytics Technology Trends in 2021. In this summary, we’ve highlighted some of the ways AI is transforming everything from animal conversation efforts to matchmaking in the digital age.

Agtech Industry

Farming company AppHarvest uses a number of transformative practices to reimagine agriculture in the 21st century, including AI. The company uses computer vision and AI to help its robot harvester, Virgo, pick ripe produce straight from the vine.

The robotic harvester uses a suite of cameras and an infrared laser to map its working environment and uses this information to assess the orientation of a tomato and assess whether it is “ripe enough to pick,” a company press release says. These analyzes allow Virgo to determine the “space-saving and fastest route” to pick the produce using its integrated gripper and arm.

In August, the harvesting robot for picking produce developed new dexterity skills in picked strawberries and cucumbers. (Previously, the Virgin was shown pick tomatoes from the vine in other videos.)

“With robots roaming the facility, interacting with and caring for the crops, we will continuously collect data on crop production to power the AI, then use software to align facility operations with sales. and logistics, making agriculture as reliable and predictable as a factory, ”Webb said at a recent AppHarvest results meeting.

SEE: IT expense reimbursement policy (TechRepublic Premium)

Financial services

Automation and computer algorithms could also transform the roles of humans in the financial services industry. As we reported earlier this year, “bots” were more reliable than people when it came to managing money, according to an Oracle study released in February. Overall, the vast majority of business leaders surveyed (85%) wanted “the help of robots with financial tasks” and about half (56%) believed that robots “would replace financial professionals in the financial sector. ‘business’ over the next five years, according to the study.

“AI and machine learning are increasingly prolific in almost every area of ​​banking, from back office applications and customer engagement to compliance,” said Jason Somrak, chief product officer and of strategy at Oracle Financial Services.

Noting specifically financial crime and the fight against money laundering, Somrak said these are areas where these applications “have a huge impact”.

“While traditional rules-based AML scenarios may keep financial institutions in technical compliance, they are unable to accommodate the ever-changing models of today’s criminals,” Somrak said. “However, more and more people are starting to take advantage of technology to identify a criminal’s digital fingerprint.”

Using historical and current data, Somrak said machine learning algorithms are constantly learning, which can “identify recurring or changing criminal behavior” to “connect suspicious money flows between criminal organizations. “. On the “emerging AI” front, Somrak discussed the “deployment of intelligent artificial agents” to help identify gaps in an organization’s compliance controls.

SEE: Juggling between remote work and child rearing is a colossal task. Here’s how employers can help (Free PDF) (TechRepublic)

Animal conservation

Researchers around the world are harnessing a wide range of technologies to aid in wildlife and land conservation efforts. This includes using facial recognition to track bears in Canada to predicting wildfires through deep learning. As we reported in December, a team of researchers in Australia are using AI-powered drones to protect the iconic koala from habitat destruction and more.

To increase the efficiency and accuracy of the koala count, Grant Hamilton, associate professor of ecology at QUT, and his team have developed a methodology that uses drones, thermal cameras, and AI. But why is it important to count koalas?

“How do we know that our management actions are having any effect? Well we must be able to count [the koalas]. Thus, counting these endangered species is fundamental to ensure that they are preserved. Unless we can do it accurately and efficiently, it won’t happen, and that’s the problem right now, ”said Hamilton.

When we spoke with Hamilton about the program in December, he estimated that a four-person research team could cover around 10 hectares per day, and the drone AI method allows the team to cover 50 hectares in two. hours.

Cyber ​​security

Over the past few weeks, a number of high-profile cyber attacks have impacted critical U.S. infrastructure, ranging from oil production and meat manufacturing to local water supplies. As we reported earlier this year, a number of teams overseeing network security at water treatment facilities are using AI-enabled systems to provide 24-hour monitoring and response. short-staffed IT teams.

But the increasingly common use of “artificial intelligence” sometimes requires a more precise semantic conversation. After all, are these apps really AI or are these solutions more akin to pattern matching?

“From my perspective, artificial intelligence is a general term that refers to software with a set of specific goals. In general, most of the current techniques used by security teams are best defined as machine learning algorithms, ”said Peleus Uhley, chief security officer. strategist and senior scientist at Adobe. “Our team frequently uses machine learning algorithms to solve a variety of IT security issues, such as anomaly detection.”

Using machine learning to detect anomalies is “markedly different from pattern matching,” Uhley said, adding that “you know in advance what you would consider an anomaly” when using pattern matching; which means that teams “should have a predefined, fixed set of models that you match for a given environment.”

However, machine learning algorithms allow teams to “take a more generalized approach” and apply the same algorithm in a number of environments, he added.

“A machine learning algorithm is ‘taught’ what is ‘normal’ for each given environment and can then identify anomalies from that baseline. This can often produce better results than pattern matching because the ML algorithm is not limited to a finite set of pre-defined rules, ”Uhley said.

“It may be able to detect things that are outside the scope of pattern matching,” he continued.

Dating apps

Earlier this month, Kaspersky released a report on the use of computer algorithms in dating apps and feelings about the role these algorithms play in modern matchmaking. Overall, 44% of respondents “would trust AI or an algorithm to find them a compatible match” and a similar number (43%) prefer “to only see people who have been determined to be a good match by algorithm, ”according to Kaspersky.

Conversely, more than a third of respondents (39%) said that they “find it dehumanizing to be sorted by an algorithm”, 58% would prefer “to have equal access to everyone on an application” rather than having a “people sorting algorithm for them,” and more than half (56%) don’t think algorithms “can really capture the complexity needed to understand attraction,” according to the report.

Algorithms are also implemented to add a layer of security to dating applications. Kaspersky security expert Vladislav Tushkanov and security researcher David Jacoby said machine learning algorithms can help identify bots, potentially identify cases of grooming as well as cat fishing, and use language processing natural to detect “abusive language or inappropriate messages, such as spam or promotional texts.”

Computer vision, on the other hand, can automatically filter out unwanted sexual images (unless the user actually wants to engage in sexting). Finally, algorithms can be applied to analyze user behavior in order to block them. fraudulent accounts, “Kaspersky representatives explained.

While many apps will tout AI capabilities with their latest products and services, questions remain as to the accuracy of some claims; namely, is it really artificial intelligence, model matching or smart marketing?

“I imagine a lot of the uses of technology to match would fit the definitions of AI that we use. I’m sure some of the matches work from simple heuristics – you’re a match with someone in your zip code if there aren’t other people to relate to, for example, ”said Whit Andrews, senior analyst at Gartner.

“I’m sure others are more sophisticated, using much richer analyzes that draw n-dimensional polygons that define a given person, or behavioral matches that snap to variables, even if you’re online. same time, ”he said. .

To sum up these points, Andrews said he’s “sure” that businesses “are using AI, but a lot of people would say pattern matching is AI. I’m not sure they’re still using AI. probabilistic analysis, but I’m sure they sometimes do. “

Also look

Source link

]]>
https://aspect-sdm.org/these-organizations-use-ai-to-reshape-their-operations-in-surprising-ways/feed/ 0
Thales biometric payment card: a secure innovation in your pocket https://aspect-sdm.org/thales-biometric-payment-card-a-secure-innovation-in-your-pocket/ https://aspect-sdm.org/thales-biometric-payment-card-a-secure-innovation-in-your-pocket/#respond Tue, 20 Jul 2021 06:00:00 +0000 https://aspect-sdm.org/thales-biometric-payment-card-a-secure-innovation-in-your-pocket/

PARIS LA DEFENSE – (COMMERCIAL THREAD) –Payment cards are familiar products that are part of our daily lives. They have evolved rapidly in recent years with the emergence of contactless technology. At the heart of this process, Thales has helped banks to constantly reinvent the card itself and offer the best payment experience. This new innovative card, which incorporates a biometric sensor, offers users increased security and comfort. This latest generation of cards represents a key step in the payment space.

The contactless biometric card greatly simplifies proximity payments and also offers an essential level of confidentiality and trust. The user’s fingerprint data is loaded onto the card via a simple and secure personal enrollment process, carried out from home or at a bank branch. In addition, none of the biometric details used for registration are shared with a third party; the fingerprint in the card chip is only used to provide local authentication of the card holder during contactless payment. Neither the merchant nor the bank have access to the biometric data because it remains securely stored in the card chip.

In terms of security, the biometric card ultimately means that a lost or stolen card is useless without the owner’s fingerprint to authenticate a contactless transaction. In such trustworthy payment environments, it is not necessary to set a payment limit. In addition, whenever the cardholder’s fingerprint cannot be used – such as with cash withdrawals from ATMs – the use of a PIN code is always possible as a fallback.

The Thales EMV contactless biometric payment card is the only solution in the sector fully certified by the main EMV payment systems such as MasterCard and Visa. After a series of successful trials around the world, the solution has been marketed in several countries.

“After a test of the Thales biometric payment card and its positive results, we have now opened the offer to all our customers with complete peace of mind. This premium solution addresses several challenges such as convenience, security and contactless. A simple but rigorous registration process has been put in place at the branch so that biometric data never leaves the card. This is an essential prerequisite as we take the privacy of our customers’ data very seriously.. “Jean-Marie Dragon, Payments and Cards Manager, BNP Paribas.

“The COVID-19 pandemic has pushed the tech industry to develop contactless solutions and indirectly resulted in higher transaction levels being processed without a second factor of authentication. The biometric payment card allows contactless payment for any amount while preserving the confidentiality of this very personal data. Bertrand Knopf, SVP Banking and Payment Solutions at Thales

About Thales

Thales (Euronext Paris: HO) is a world leader in advanced technologies, investing in digital and deep tech innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum computing – to build a confident future that is crucial for the development of our societies. The Group offers its customers – companies, organizations and governments – in the fields of defense, aeronautics, space, transport, digital identity and security solutions, services and products that help them fulfill their essential role, with the consideration of the individual being the driving force behind all decisions.

Thales has 81,000 employees in 68 countries. In 2020, the Group achieved sales of 17 billion euros.

PLEASE VISIT

Thales Group

Market page

]]> https://aspect-sdm.org/thales-biometric-payment-card-a-secure-innovation-in-your-pocket/feed/ 0 Fighting deepfakes: how to perpetuate our biometric identities https://aspect-sdm.org/fighting-deepfakes-how-to-perpetuate-our-biometric-identities/ https://aspect-sdm.org/fighting-deepfakes-how-to-perpetuate-our-biometric-identities/#respond Tue, 20 Jul 2021 05:25:31 +0000 https://aspect-sdm.org/fighting-deepfakes-how-to-perpetuate-our-biometric-identities/

How much should we be worried about deepfakes? What sort of threat do they pose to digital identity verification and the biometric technology we so depend on, and are there ways to combat this threat?

The deepfake threat

Deepfakes refer to manipulated videos or other digital representations produced by sophisticated artificial intelligence (AI), which produce manufactured images and sounds that appear real. While video deepfakes are arguably the most common, audio deepfakes are also growing in popularity.

You’ve probably seen some of the most important deepfakes that are in the public domain right now, especially those that manipulate existing images of Obama and Tom cruise. However, while this technology may seem playful on the surface, we should not overlook its potential dark side.

As we saw a few years ago, criminals used this technology to imitate the voice of a general manager and demand a fraudulent transfer of € 220,000. This is just one example, but high quality fraudulent deepfakes are now being used much more regularly and the quality of technology is constantly improving, especially with access to images, online videos and social media creating more sources to tap into.

Impact on biometric identities

Now think about this threat against the backdrop of the growing popularity of biometric technology and digital identity verification. Some government agencies today use voice recognition as proof of identity, while banks are using voice and facial recognition to register new users and facilitate online banking.

For example, HSBC recently revealed that telephone bank fraud has been reduced by 50% since the introduction of a biometric security system that authenticates customers by voice, believing that an additional layer of security has prevented £ 249million from being released. British customer money to fall into the hands of criminals in the past year.

However, as the unfortunate deepfake scam shown above shows, cybercriminals have started using technology to commit fraud and there are now concerns that the technology can and will be used to develop fake biometric identifiers to bypass prevention solutions. biometric-based fraud.

So, an obvious question is whether deepfakes are powerful enough to trick the biometric solutions that institutions such as banks and governments become so dependent on.

The current limits of deepfake technology

The answer is: not currently, but we should still take steps to protect ourselves. I know that is not a very satisfactory answer, but it is probably the dose of reality that this debate needs.

First of all, we need to think about how biometric authentication works. Take the example of voice biometrics: a good fake voice (even just a good imitator) can be enough to fool a human. However, voice biometric software is much better at identifying differences that the human ear cannot or chooses to ignore, meaning voice biometric identification can help prevent fraud if the identity is verified by compared to the voice. Even the so-called deep fakes create a bad copy of someone’s voice when analyzed digitally; they make some pretty convincing cameos, especially when combined with video, but again these are bad knockoffs on a digital level.

Other than that, the ability of deepfakes to bypass biometrics-based solutions will ultimately depend on the type of liveliness detection built into the solution. Activity detection identifies whether the user is a real person, and the most basic forms of activity detection require the user to blink, move their eyes, open their mouth, or nod their head.

However, these simple forms of liveliness detection can be faked with deepfakes, as has recently been done. seen in China, where cybercriminals bought high-quality facial images on the black market and used an app to manipulate the images and create deepfake videos that looked like faces were blinking, nodding, or opening their mouths .

They then used a special phone to hijack the mobile camera typically used to perform facial recognition checks, which allowed them to trick the tax billing system into accepting predefined deepfake videos and was good enough to beat. vividness detection control, even if no one was standing in front of the camera.

Fortunately, there is currently no known deepfake-based system that can generate a synthetic response that resembles the user and speaks random words or performs random movements correctly with exact audiovisual synchronization within the limited time available. If it were possible to build such a deepfake, it would require a tremendous amount of work for each application, making large-scale fraud impossible.

However, that does not necessarily mean that the technology will not mature, and it leads us to the solution that will allow us to perpetuate our biometric identities: multiple factors.

Fighting deepfakes: multiple factors

In any situation that uses a biometric solution, especially when it is used to prove identity, there are several factors that should be used. This is ultimately due to the fact that a combination of, say, voice, face, and a PIN is highly secure as only one factor may be possible to tamper with, but tamper with all three in the same. case. is practically impossible. Therefore, to secure our biometric identities against a deepfake threat, we must have the agility to evolve and add more or different factors as threats change and become more sophisticated or more available.

An additional factor that is very difficult to simulate is time (for example, having to provide an answer to a dynamic question that is unique at the time it is asked). This may involve speaking a unique server-side generated word or number that cannot be predicted, as well as making a specific movement or facial expression on request at the time of verification.

An action-based factor (in addition to voice and facial biometrics) of “what you do” and – more importantly – “what you are told to do” is incredibly difficult to fake. It is unlikely that a deepfake attack that passes the biometric check will be able to replicate a required action, as such predetermination is not possible with the processing power available today. But what would that look like in action?

Imagine that you are a bank and a customer calls to transfer a large sum of money, a situation in which it is vital to authenticate and transactionally link that is on the other end of the phone. By forcing the consumer to read a unique alphanumeric sequence, based on a particular transaction and generated at that point in time from the transaction and associated metadata, the result would be a combination of liveness detection, biometric voice verification, and proof of linkage. of that person at a specific time and event.

Importantly, even if there was a high-quality impersonation attempt via a deepfake, the unique server-side generated statement means that a pre-prepared deepfake would not be useful or able to adapt quickly enough. .

]]>
https://aspect-sdm.org/fighting-deepfakes-how-to-perpetuate-our-biometric-identities/feed/ 0
Psychopathic Speech Patterns That Can Help You Spot One, Fast Dr Tarra Bates-Duford https://aspect-sdm.org/psychopathic-speech-patterns-that-can-help-you-spot-one-fast-dr-tarra-bates-duford/ https://aspect-sdm.org/psychopathic-speech-patterns-that-can-help-you-spot-one-fast-dr-tarra-bates-duford/#respond Mon, 19 Jul 2021 23:13:31 +0000 https://aspect-sdm.org/psychopathic-speech-patterns-that-can-help-you-spot-one-fast-dr-tarra-bates-duford/

Can you learn to spot a psychopath before you become a victim?

The term “psychopath” is often used to describe an individual who lacks empathy and is deceptive, manipulative, unemotional (not to mention unusual outbursts of rage), morally depraved, and exhibits blunt or superficial affect.

Psychopaths – or people with psychopathic tendencies – usually want to manipulate others, are very good at identifying vulnerabilities, and superficially provide others with what they lack (like acceptance, flattery, and love).

RELATED: If A Guy Does These 7 Things He’s An Emotional Psychopath

You can learn to spot a potential psychopath by monitoring these speech patterns.

There are also a few body language cues exhibited by psychopaths which usually consist of exaggerated hand gestures and contoured facial expressions. They use them to try to convince the listener that what they are saying is true when it is not.

If you are perceptive enough, you may be able to watch for body language cues and speech patterns that identify a potential psychopath.

Of course, there are other people who have unique speech patterns, flat affect, and unexpected facial expressions who are do not Psychopaths, so you’ll need more than these clues, but these are a great place to start when combined with some dangerous personality traits.

Psychopaths rarely show emotions – at least not genuine emotions.

Studies show that psychopaths generally speak in a controlled manner. They don’t emphasize emotional words like other people do. Their tone remains fairly neutral throughout the conversation.

Although their effect is generally flat and their voice monotonous, they will adjust the pitch to emphasize or convince someone else that they are “genuine”.