Read more at https://www.channelnewsasia.com/news/singapore/krisflyer-singapore-airlines-two-factor-authentication-10249320
(Updated: )
Ricky Lim ·
Singapore
The national carrier sent an email to KrisFlyer members on Friday (May 18), asking them to ensure the mobile numbers and email addresses listed on their KrisFlyer profiles were up-to-date and actively used in preparation for this.
By default, the OTP will be sent to the user's registered mobile number, with the registered email address used as an alternative if the mobile number is not be available, SIA said in the email.
--
The national carrier sent an email to KrisFlyer members on Friday (May 18), asking them to ensure the mobile numbers and email addresses listed on their KrisFlyer profiles were up-to-date and actively used in preparation for this.
By default, the OTP will be sent to the user's registered mobile number, with the registered email address used as an alternative if the mobile number is not be available, SIA said in the email.
--
Posted on :-
21 Apr 2018 06:17AM (Updated: 21 Apr 2018 11:41AM)
Ricky Lim ·
Singapore
Posted on :-18 Apr 2018
Ricky Lim ·
Singapore
For eCommerce transaction, it is imperative for Corporation to adopt 2FA to prevent phishing attacks.
So that when hackers manage to phish userid and passwords from users - the hackers will not be able to perform eCommerce transactions - because it will need a 2FA to complete the eTransactions - as userid and passwords are not good enough.
As hackers will not have the SMS 2FA or secure-token generated random numbers - such phishing attack will not be successful.
SIA should seriously consider 2FA for eCommerce transactions.
The only problem is --- overseas members will have difficulty using 2FA - as SMS is need to use local telcos and distributing secured token to overseas members will be a challenge. (To mitigate this challenge, a 2FA generated number can be sent to the email of the overseas member).
21 Apr 2018 06:17AM (Updated: 21 Apr 2018 11:41AM)
Ricky Lim ·
Singapore
Posted on :-18 Apr 2018
Ricky Lim ·
Singapore
For eCommerce transaction, it is imperative for Corporation to adopt 2FA to prevent phishing attacks.
So that when hackers manage to phish userid and passwords from users - the hackers will not be able to perform eCommerce transactions - because it will need a 2FA to complete the eTransactions - as userid and passwords are not good enough.
As hackers will not have the SMS 2FA or secure-token generated random numbers - such phishing attack will not be successful.
SIA should seriously consider 2FA for eCommerce transactions.
The only problem is --- overseas members will have difficulty using 2FA - as SMS is need to use local telcos and distributing secured token to overseas members will be a challenge. (To mitigate this challenge, a 2FA generated number can be sent to the email of the overseas member).
No comments:
Post a Comment