Article | March 27, 2017

Traditional Authentication Puts Retailers At Risk

Source: DigitalPersona / Crossmatch
Retail Breaches

What is composite authentication, and why does it matter?

By Chris Trytten, Director, Product Marketing at Crossmatch

U.S. retailers are keenly aware of the data security risks they face. The dire consequences of a breach came to full light in 2013, when some 70 million customer records were stolen from Target after network access credentials were heisted from one of the merchant’s third-party HVAC vendors.

Let’s make a couple of things clear about that breach. First, Target was, by all accounts, in compliance with the PCI DSS (Payment Card Industry Data Security Standard) when the breach occurred. Second, the PCI DSS requires two-factor authentication for remote network access originating from outside the network by personnel and all third parties.