Digital Transactions Authoritative, insightful and timely information for payments professionals
With hackers, phishers, and other criminals undermining the trust all transaction networks depend on for their survival, some experts say the time has come to fight back. In the following excerpt from “The Myth of Invincible Encryption,” an article that will appear in the May-June 2005 issue of Digital Transactions magazine, the distinguished cryptographer Gideon Samid suggests one line of attack for beating hackers at their own game: Every good chess player role-plays his opponent. Every successful football coach does the same. Business asks: What would I do, were I in charge of my competition? The very same strategy is effective vis-à-vis fraud. You ask the potential victims of fraud to play the role of an executive in an entity we may call Fraud Inc. How would you bilk someone like yourself? What is the most cost-effective way to achieve your fraudulent goal? The more time you spend in that role, the better your security. Role playing achieves two things: (1) You discover vulnerabilities you can patch in time; (2) You become security-minded and develop alertness to some clever schemes you have not been specially prepared for. The result of role-playing is one, or several, most-likely attack scenarios. These are the perceived best ways to achieve the fraudulent goals. Once the scenarios are identified, we have found that the best way to detect and protect against them is a methodology called BiPSA: Binary Polling Scenario Analysis. The bank boasts a computer network. The hackers boast a brain network. Guess who has the upper hand? Hackers don't work alone. They build on each other's ideas, they cross-fertilize each other's schemes. And the single or few security officers in the bank are no match for them. BiPSA changes that. It's a methodology that enlists a large number of security-minded individuals to bear upon a security issue. Since it is not practical to run a detailed role-playing exercise with a large number of people, the solution is as follows: Once the role-playing team has identified a most-likely attack scenario, they then issue a statement saying that within, say, the next six months, the bank will be attacked through this scenario. This statement, including a detailed description of the attack scenario, is then rushed to a large number of security experts, or even half experts. Each recipient is asked to answer the following: Is the statement herein more likely to be true, or more likely to prove itself false? A binary call. After six months, the statement has either proven itself true or proven itself false. This reality check would now distinguish between those who took the correct binary choice and those who answered incorrectly. After several rounds of such reality checks, the operator of BiPSA knows whose opinions should carry more weight. BiPSA features a sophisticated neural network that aggregates the individual answers into a high-credibility summary answer. And in the wake of these binary responses, the BiPSA respondents come to think about the issue. They think hard because they know that reality will either credit or discredit them. A typical memo by a security consultant would be studded with hedges so that he or she can never be embarrassed. By contrast, the binary call has no room for ambiguity. This state of affairs is a great stimulus for security people to think long and hard. And this community thinking produces ideas and solutions that would have never surfaced in the mind of the lone chief security officer at the bank.
