Auraya Blog

What We Learned From the Deloitte Cyber Security Incident

Pryathna Sankaranarayanan | October 4, 2017 | 4 minutes


The Deloitte cyber security incident brings to light industry leading security measures against theft and fraud

On September 25, the Guardian reported a high profile cyber security incident that Deloitte fell victim to earlier this year, resulting in confidential emails and plans of their blue-chip clients, usernames, passwords and other sensitive data being compromised. 

With cyber-attacks on the rise and posing a major threat to organizations everywhere – what steps can businesses take to protect their assets and mitigate risks? We assess the Deloitte cyber hack incident for insights into industry leading security measures.

Single factor authentication such as passwords increase the risk of theft and fraud

Passwords and PINs, as a standalone security measure, can be easily hacked and stolen. Because they rely on ‘what you know’ to verify your identity successfully, as opposed to biometric technologies that verify you based on ‘what you are’ – anyone who learns the password can break into your system.

The solution: implement multi-factor authentication involving biometrics as a central element in maximizing security outcomes

Multi-factor authentication is emerging as the best practice security solution – because it combines ‘what you know’ with ‘what you are’ successfully for enhanced security. We commonly refer to this as a two-step verification process, for example, say you open a banking app with your PIN or password and use voice biometric authentication to transfer money.

So someone who wants to break in to your account will not only have to know your password to access your account, but will need a voice print match to make transactions. Voice biometrics as a second factor authentication strengthens security and protects your personal assets. The technology is available to make this entire process fast, easy and secure for the internal team and customers – and the approach helps mitigate risks associated with fraud and theft.

Resetting passwords without added security following a major cyber-attack incident is just not going to be enough

The first instinct in uncovering a security breach is to reset all passwords to protect the company, its employees and customers from future attacks. While resetting passwords is necessary, it doesn’t help much once the damage is already done and can potentially become a vicious cycle of continued attacks. Resetting passwords doesn’t solve the larger issue at hand – and companies must plan to strategically manage risks related to cyber-crime by implementing industry best practices.

The solution: leverage proven industry solutions that mitigate security risks – switch to biometric identity authentication across the enterprise and for customers

Biometric identity authentication has many proven advantages over traditional authentication methods. Voice biometrics, when implemented across enterprise, helps boost productivity, reduces cost to organizations, helps identity and manage fraud in real-time and enhances customer experience. When implemented as a two-factor authentication model with passwords, PINs and other biometrics, it can be a powerful tool to transform customer experience across all touch points. 

Auraya recommends that authorised customers voice prints are stored behind secure firewalls and during authentication, customers speak a randomly generated phrase or digit string to verify with their voice. This becomes an added security measure ensuring no voice recording can be used to thwart the system and protects the customer. Banks and government agencies are adopting voice biometrics as it is your true second factor authentication that provides non- repudiable digital signatures for regulatory compliance. Read about Bank of New Zealand and New Zealand Government‘s implementation of voice biometrics.

Traditional authentication methods are not only susceptible to fraudulent activity, but are also increasingly causing inconvenience to customers who tend to forget complex structured passwords for all their accounts and apps. As specialist voice biometric technology developers, Auraya has worked across industries such as banking, government, healthcare and education and has achieved excellent customer and security outcomes.


sign up to our mailing list