Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2004 VeriSign, Inc. Secure Letterhead Phillip Hallam-Baker Principal Scientist VeriSign Inc.

Similar presentations


Presentation on theme: "© 2004 VeriSign, Inc. Secure Letterhead Phillip Hallam-Baker Principal Scientist VeriSign Inc."— Presentation transcript:

1 © 2004 VeriSign, Inc. Secure Letterhead Phillip Hallam-Baker Principal Scientist VeriSign Inc.

2 2 We are not in Kansas any more

3 3 Their Goal

4 4 Our Goal

5 5 We do not have to find a silver bullet

6 6 20% reduction

7 7 Make your problem their problem

8 8 Phishing: The use of social engineering to steal access credentials

9 9 Approach 1 Respond to Attacks

10 10 Approach 2 Deploy Strong Credentials

11 11 Approach 2 Disrupt the Social Engineering Attack

12 12 User Education

13 13 The Real End-to-End Security Story

14 14 We must take multiple approaches

15 15 Which is Best?

16 16 All of them.

17 17 Strong Inbound Authentication + Fraud Detection + Capture Site Take Down + Strong Outbound Authentication

18 18 Secure Letterhead: How to know a message is authentic

19 19 Phishing criminals have other tactics

20 20 before the next horse…

21 21 Phishing is not the only Internet crime

22 22 How does a user identify a site today?

23 23 What was the DNS designed to do?

24 24 A location service should be permissive + Where do I find The dotFuture Manifesto on the Web? + www.thedotfuturemanifesto.com + www.the-dotfuture-manifesto.com + www.thedotfuturemanifesto.org + dotfuturemanifesto.blogspot.com

25 25 An authentication service should be restrictive

26 26 Solution: Separate the authentication channel

27 27 How do we deploy?

28 28 Solution: Leverage the SSL Certificate Market

29 29 First Generation SSL Certs: Accountability

30 30 Secure Letterhead

31 31

32 32 Who Guards the Guardians?

33 33 Accountability

34 34 The Trust Brand on the Line

35 35 What is missing?

36 36 Browser Support

37 37 LOGOTYPE Certificate Issuers

38 © 2004 VeriSign, Inc. Thank You www.verisign.com/antiphishing dotcrimemanifesto.blogspot.com


Download ppt "© 2004 VeriSign, Inc. Secure Letterhead Phillip Hallam-Baker Principal Scientist VeriSign Inc."

Similar presentations


Ads by Google