Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2004 VeriSign, Inc. Secure Letterhead Phillip Hallam-Baker Principal Scientist VeriSign Inc.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2004 VeriSign, Inc. Secure Letterhead Phillip Hallam-Baker Principal Scientist VeriSign Inc."— Presentation transcript:

1 © 2004 VeriSign, Inc. Secure Letterhead Phillip Hallam-Baker Principal Scientist VeriSign Inc.

2 2 We are not in Kansas any more

3 3 Their Goal

4 4 Our Goal

5 5 We do not have to find a silver bullet

6 6 20% reduction

7 7 Make your problem their problem

8 8 Phishing: The use of social engineering to steal access credentials

9 9 Approach 1 Respond to Attacks

10 10 Approach 2 Deploy Strong Credentials

11 11 Approach 2 Disrupt the Social Engineering Attack

12 12 User Education

13 13 The Real End-to-End Security Story

14 14 We must take multiple approaches

15 15 Which is Best?

16 16 All of them.

17 17 Strong Inbound Authentication + Fraud Detection + Capture Site Take Down + Strong Outbound Authentication

18 18 Secure Letterhead: How to know a message is authentic

19 19 Phishing criminals have other tactics

20 20 before the next horse…

21 21 Phishing is not the only Internet crime

22 22 How does a user identify a site today?

23 23 What was the DNS designed to do?

24 24 A location service should be permissive + Where do I find The dotFuture Manifesto on the Web? + www.thedotfuturemanifesto.com + www.the-dotfuture-manifesto.com + www.thedotfuturemanifesto.org + dotfuturemanifesto.blogspot.com

25 25 An authentication service should be restrictive

26 26 Solution: Separate the authentication channel

27 27 How do we deploy?

28 28 Solution: Leverage the SSL Certificate Market

29 29 First Generation SSL Certs: Accountability

30 30 Secure Letterhead

31 31

32 32 Who Guards the Guardians?

33 33 Accountability

34 34 The Trust Brand on the Line

35 35 What is missing?

36 36 Browser Support

37 37 LOGOTYPE Certificate Issuers

38 © 2004 VeriSign, Inc. Thank You www.verisign.com/antiphishing dotcrimemanifesto.blogspot.com

Download ppt "© 2004 VeriSign, Inc. Secure Letterhead Phillip Hallam-Baker Principal Scientist VeriSign Inc."

Similar presentations

Achieving online trust through Mutual Authentication.

Achieving online trust through Mutual Authentication.
High Validation SSL Certificates Mike Davies Marketing Director VeriSign Security Services EMEA.

High Validation SSL Certificates Mike Davies Marketing Director VeriSign Security Services EMEA.
George Tubin Senior Analyst Consumer Banking © 2005 The Tower Group, Inc. May not be reproduced by any means without express permission. All rights reserved.

George Tubin Senior Analyst Consumer Banking © 2005 The Tower Group, Inc. May not be reproduced by any means without express permission. All rights reserved.
Extended validation SSL March 2007 Tim Moses (chair, CA / Browser Forum)

Extended validation SSL March 2007 Tim Moses (chair, CA / Browser Forum)
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Breaking Trust On The Internet

Breaking Trust On The Internet
More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.

More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.
© 2004 VeriSign, Inc. Web Services and the Old World Phillip Hallam-Baker Principal Scientist VeriSign Inc.

© 2004 VeriSign, Inc. Web Services and the Old World Phillip Hallam-Baker Principal Scientist VeriSign Inc.
Identity Security Time to Share Nicolas Popp VeriSign MM/DD/YY - Session Code: 22 pt Arial.

Identity Security Time to Share Nicolas Popp VeriSign MM/DD/YY - Session Code: 22 pt Arial.
Cyberbad Where Spam is leading to Phillip Hallam-Baker

Cyberbad Where Spam is leading to Phillip Hallam-Baker
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Building Trust in Digital Online World Dr. Shekhar Kirani Vice President VeriSign India 5th June 2009 IBA Conference.

Building Trust in Digital Online World Dr. Shekhar Kirani Vice President VeriSign India 5th June 2009 IBA Conference.
Phillip Hallam-Baker Extended Validation Presentation to ISTTF September 23, 2008 VeriSign/Extended Validation ISTTF Presentation 9/23/2008.

Phillip Hallam-Baker Extended Validation Presentation to ISTTF September 23, 2008 VeriSign/Extended Validation ISTTF Presentation 9/23/2008.
Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.

Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.
Dr. Sarbari Gupta Electrosoft Services Tel: (703)757-9096 Security Characteristics of Cryptographic.

Dr. Sarbari Gupta Electrosoft Services Tel: (703) Security Characteristics of Cryptographic.
Online Security Tuesday April 8, 2003 Maxence Crossley.

Online Security Tuesday April 8, 2003 Maxence Crossley.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
CS795/895.NET Passport1. NET PASSPORT &TRUSTBRIDGE SHRIPAD PATIL CS795/895 SECURITY IN DISTRIBUTED SYSTEMS.

CS795/895.NET Passport1. NET PASSPORT &TRUSTBRIDGE SHRIPAD PATIL CS795/895 SECURITY IN DISTRIBUTED SYSTEMS.
CertAnon A Proposal for an Anonymous WAN Authentication Service David Mirra CS410 January 30, 2007.

CertAnon A Proposal for an Anonymous WAN Authentication Service David Mirra CS410 January 30, 2007.
Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.

Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.

Similar presentations

Ads by Google