2018-07-26 08:29Blog post

The best way to handle security threats is simply to prevent them from happening altogether

It’s spine-chilling to imagine that sensitive information about you could have been accessed by a cybercriminal or published somewhere on the public or dark web, isn’t it? Regrettably, the chances are that this has already happened.

With the apparently endless bombardment of malware and phishing attacks, navigating the digital world is a risky business. The nagging and constant feeling of unease is the reality for almost every person using any type of online service - and today that is all of us. If people don’t know which information that is sensitive, and which isn’t, where their information is stored and who has access to their data, then they are in a dangerous position from a cybersecurity perspective. Perhaps we should delete our Instagrams, stop sending emails, uninstall our banking apps and move to a desert island? This common fear is a very real challenge for companies that handle their users’ credentials. Everything relies on security - no matter what trade a company is in - they are all in the trust business.

Despite arduous efforts to continuously reinforcing security, data protection is only as strong as its’ weakest link, no matter how many precautions that are taken to keep users safe online. As it traditionally has been expensive to invest in security soft- and hardware, recruit data security experts or employ entire data security departments one fallback, especially for online retail, has been to just rely on credit card issuers or the banks’ security systems to handle it all. Some services still even offer only one-factor authentication in the form password “protection” (we put the word “protection” in quotation marks as passwords are useless when it comes to online security).

Cybercrooks can decipher even the longest, most complicated password imaginable within minutes.

However, more and more companies have started to offer their users two-factor authentication (2FA) via a second channel - the mobile device. Not long ago text messages were used for this purpose (and still are in too many cases). Okay, the least difficult way to implement two-factor is with SMS, where the user receives an access code each time they log in to a secured account. And of course this is better than nothing, but 2FA via SMS has an abundance of drawbacks (but that is another blog post). One of them is that hackers nowadays can “reroute” the two-factor SMS notifications to their own devices by hijacking your SIM-card and stealing your phone number.

For better protection, digital giants like Google and Microsoft are now instead of pushing for their Authenticator apps, which, sorry to say, just work within their own systems. Authentication over a mobile app relies heavily on several pieces of the puzzle falling in place and most security apps today are not user-centric, i.e., user-friendly or intuitive. This is where Covr differs, its beauty is in its simplicity: not only does our app build on unique multi-factor, second channel out-of-band authentication - it also caters for an easy journey for the user. Instead of having to login into applications one by one as with other authentication apps, Covr’s centralized single sign in and user authorization system needs only one set of login credentials that can be used to access numerous applications.

Just tap “Yes” or “No” and Bob’s your uncle.



About COVR Security

Covr Security AB, located in Malmo, Gothenburg, Stockholm, Frankfurt and Palo Alto, is a Swedish cybersecurity company. We have developed a next-generation, user-centric mobile security management app for a wide range of heavily regulated digital industries that depend on strong customer authentication and privacy. The Covr app is available both as an off-the-shelf authentication mobile app ready for a quick launch, and as a powerful SDK for hassle-free integration into existing mobile applications

Contacts

Daniel Gladh
Marketing and Social Media Manager
Daniel Gladh