I Don’t Use Apple Pay Because It’s Less Secure …: Perception of Security and Usability in Mobile Tap-and-Pay

Apple Pay was launched more than 3 years ago to provide a “fast and secure” method of payment and quickly became very popular in the US. It was shortly followed by Android Pay which is also becoming popular.  However, not everyone uses these systems despite their claimed security, convenience and speed. Jun Ho Huh, Saurabh …

Atty Mashatan – Strategic Implications of Quantum-Resistant Cryptography

  Dr. Mashatan is currently a faculty member at the Ted Rogers School of Information Technology Management of Ryerson University where her research focus has been on Information Systems Security and Privacy. Prior to joining Ryerson University, she was a Senior Information Security Consultant and Solutions Architect at CIBC. Prior to that Dr. Mashatan was …

CAFC Financial Crime Trend Bulletin: Text Message

The Canadian Anti-Fraud Centre has released its latest bulletin on the subject of Text Messaging Scams, sometimes referred to as SMSishing.    Find the English and French versions of the bulletin at the link below. 2017-09-15_Text_Messages_EN 2017-09-15_Text_Messages_FR “Text messaging scams occur when scammers use deceptive text messages to lure consumers into providing personal or financial …

Benjamin Fung – Kam1n0 Assembly Clone Search for Reverse Engineering

Presented at the Spring 2016 SERENE-RISC Workshop. Assembly code analysis is one of the critical processes for mitigating the exponentially increasing threats from malicious software. It is also a common practice for detecting and justifying software plagiarism and software patent infringements when the source code is unavailable. However, it is a manually intensive and time-consuming …

Privacy Loss in Apple’s Implementation of Differential Privacy on MacOS 10.12

Differential privacy (DP) provides a way to quantify privacy. A privacy budget quantitatively measures by how much the risk to an individual’s privacy may increase due to the inclusion of certain data. The higher the value, the less privacy protection is provided. This paper by Jun Tang, Aleksandra Korolova, Xiaolong Bai, Xueqiang Wang, and Xiaofeng Wang identifies the components …

NISTIR 8183 – Cybersecurity Framework Manufacturing Profile

The National Institute of Standards and Technology has released a Cybersecurity risk reduction framework for businesses in the manufacturing sector.  The document outlines a general target profile for manufacturers around to identify risks within their business more efficiently than customizing from a general set of guidelines.   If you are in any manner concerned with …

Mining the Networks of Telecommunication Fraud Groups using Social Network Analysis

Telecommunications fraud groups, the ones running scams over the telephone are a problem around the world. Taiwan is no exception with a number of related arrests in the past decade.  Telecom fraud group. Yi-Chun Chang, Kuan-Ting Lai, Seng-Cho T. Chou and Ming-Syan Chen wanted to learn more about how these fraud groups operate through Social …