Twosense Blog

Phishing-Resistant Authentication And PCI Compliance

Written by Twosense | Jul 22, 2024 1:30:00 PM

Information security is critical, especially in Business Process Outsourcing (BPO) contact centers, where massive amounts of personal and financial data are handled daily. While MFA is helpful, traditional MFA methods are now being phished. In this blog, our team will discuss the importance of phishing-resistant MFA and show how Twosense’s behavioral MFA is a scalable, affordable, and compliant solution for contact centers.

Phishing-Resistant MFA In Contact Centers

Contact centers, especially those handling credit card data and other sensitive information, are prime targets for cybercriminals. The harsh reality is that traditional MFA methods, such as SMS-based codes or email-based authentication, are no longer enough to counter advanced phishing attacks. These methods are easily compromised, resulting in data breaches, financial losses, and reputational damage. This vulnerability is the reason why we need a more robust solution.

Unphishable solutions do exist today, but these traditional options don't give contact centers the flexibility they need to operate efficiently. Hard tokens are expensive and require significant effort to manage; certificate-based solutions that tie users to endpoints are incompatible with floating desks, which are critical for many BPO operations; and biometrics such as retina scanning, fingerprint recognition, and facial recognition are available but susceptible to presentation attacks.

Behavioral biometrics offer a unique opportunity to solve this challenge. Behavior differs from other biometrics because it's not susceptible to presentation attacks. Using behavior as a means of authentication is an entirely new method, and behavior observed over time cannot be faked by a human. Behavior also can't be generated with LLMs because the data is unavailable via the Internet. This is especially important for BPO contact centers and their clients, as cyberattacks against contact centers continue to increase every year.

The National Institute of Standards and Technology (NIST) endorses behavioral biometrics as a security measure. The Payment Card Industry Data Security Standard (PCI DSS) 4.0.1 also recommends phishing-resistant and behavioral authentication to enhance security. The executive order on improving the nation’s cybersecurity, released on May 12, 2021, requires implementing phishing-resistant MFA as part of the Zero Trust Architecture. This executive order affected many public and private organizations, so advanced security measures are needed broadly.

Read more about Twosense and PCI compliance and Zero Trust Environments here.

Behavioral MFA: Scalable, Affordable, Compliant

Twosense Behavioral MFA is a solution designed for contact centers. No phones or hard tokens are required; users don’t need to be trained to use the solution, and it’s 2.5 times cheaper than YubiKeys. This ease of use means security doesn’t disrupt operations. Twosense automates MFA challenges using behavior to authenticate users, so only authorized users ever access the cardholder data environment (CDE). Twosense can be deployed as a browser extension (for Chrome and Edge) or as a Windows agent, so it’s highly adaptable and easy to use.

See the full cost analysis of Twosense vs. YubiKey here.

Conclusion

Phishing-resistant MFA is essential to the security and compliance of BPO contact centers. Traditional MFA methods can’t protect against advanced phishing attacks or meet PCI DSS requirements. Twosense’s Behavioral MFA is a scalable, affordable, and compliant solution that doesn’t compromise security. Using Twosense, contact centers can maintain a robust security posture, protect sensitive information, and streamline operations.

Get your demo here: www.twosense.com/get-a-demo