Glossary


Definitions

  • 2-factor authentication - authentication of an individual using two pieces of information drawn from different categories of what they are, what they know or what they have, such as password + fingerprint or swipe card + PIN
  • Authentication Server - the device used to authenticate the consumer's MSK token and Passcode
  • Authentication - the process by which the rights of an individual are determined by the presentation of that individual's credentials
  • Brute force - an attack mechanism that tries all possible combinations
  • Consumer - a person who uses a website
  • Cardholder - the person holding the credit card
  • DoS - an attack profile that swamps the target website with enough traffic to prevent other users from gaining access
  • DoS (lockout) - an attack profile that locks users out of the target website by sending enough failed login attempts to trigger account lockout, preventing legitimate users from gaining access
  • Encryption breaking - cracking an encryption process using mathematical mechanisms, rainbow tables or brute force
  • Key-logger - an attack process whereby the keystrokes of the victim are surreptitiously captured and replayed to perpetrate a crime
  • Man-in-the-middle - an attack process whereby the attackers insert themselves between the victim and the target website and simulate connections to both
  • Merchant - a company that wishes to deliver products or services via the web
  • Passcode - a string of alphanumeric characters that is known only to the consumer
  • Phishing 1.0 - enticing consumers to use bogus websites to access personal information, thereby revealing their credentials
  • Phishing 2.0 - enticing consumers to use a proxy site (Man-in-the-middle) to access personal information, thereby revealing their credentials
  • Rainbow tables - a precomputed set of possible keys and their encrypted strings, used to achieve quick lookups to break encryption
  • SDLC - the Software Development Life Cycle, the controlled process under which products are developed
  • SHA - (Secure Hash Algorithm) a family of hash algorithms used in various forms denoted by a number (SHA-1, SHA-256 or SHA-512)
  • Spear phishing - any highly targeted phishing attack. Spear phishers send e-mail that appears genuine to all the employees or members within a certain company, government agency, organization, or group. Spear phishing also describes scams that target people who use a certain product or website. Essentially, scam artists will use any information they can to personalize a phishing scam, directed at as specific a group as possible
  • SQL Injection - an attack process whereby the attackers inject SQL commands through input fields such as username and password fields. This attack can corrupt data or lead to full system compromise