Expert Insight On LendingCrowd Data Breach And The Need For 2FA On Financial Accounts

LendingCrowd has reported the data security incident to authorities and is communicating with the affected customers. While LendingCrowd has instructed customers to enable two-factor authentication in the wake of this breach, the incident raises the important question of why the financial services firm doesn’t already have 2FA and other strong authentication measures enabled for its customers by default.


EXPERTS COMMENTS
Sam Bakken, Senior Product Marketing Manager,  OneSpan
November 05, 2019
User convenience is not a good excuse for not enforcing strong security.
Enabling two-factor authentication is great advice, but I wonder why LendingCrowd doesn’t enable it by default for its users – or at the very least for high-net-worth individuals. After all, this is a service that moves money around. We know that attackers are targeting financial services accounts, and we know that multi-factor authentication is VERY effective in preventing account takeover. User convenience is not a good excuse for not enforcing strong security. Face recognition, behavioral biometrics, and push technologies have gotten to a point where it’s really painless to layer on additional security and authentication technologies without hassling users.
Sam Bakken, Senior Product Marketing Manager,  OneSpan
November 05, 2019
User convenience is not a good excuse for not enforcing strong security.
Enabling two-factor authentication is great advice, but I wonder why LendingCrowd doesn’t enable it by default for its users – or at the very least for high-net-worth individuals. After all, this is a service that moves money around. We know that attackers are targeting financial services accounts, and we know that multi-factor authentication is VERY effective in preventing account takeover. User convenience is not a good excuse for not enforcing strong security. Face recognition, behavioral biometrics, and push technologies have gotten to a point where it’s really painless to layer on additional security and authentication technologies without hassling users.

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :



Join the Conversation

Join the Conversation


In this article