News and Events

October 17, 2017

Senior Cybersecurity Engineer Bill Newhouse will participate in a panel on "Build Omni-channel Fraud Strategies with Deep Entity Profiling & Automation" at RSA Charge on Wednesday, October 18, 2017 from 2:30pm to 3:15pm. The panel will discuss best practices to leverage these technologies to mitigate fraud more effectively while reducing end-user friction and operational costs and enabling omni-channel business growth.

September 13, 2017

Authenticating users in card not present (CNP) transactions continues to be a challenge for e-commerce payments. In this session "No Card? No Problem" NCCoE's Deputy Program Manager Brian Abe and Orvis' Head of IT Security, Compliance and Risk Management Tyson Martin will discuss approaches being developed by the NCCoE in conjunction with industry partners to implement multifactor authentication to address these challenges and implement stronger authentication mechanisms to ensure a customer is authorized to use a credit card for e-commerce transactions. The NCCoE example implementation will introduce multifactor authentication that ties to existing web analytics and contextual risk calculation to reduce the risk of false online identification and authentication fraud.

August 21, 2017

The National Institute of Standards and Technology is trying to bolster ecommerce authentication on desktops and mobile devices. It was spurred to tackle its Multifactor Authentication for e-Commerce project because of the realization that increased security in the physical world (with such steps as cards with EMV chips) means thieves are going to start to focus more on card-not-present transactions.

August 21, 2017

Australian cyber security company TokenOne has become the first local business to be selected by the United States National Cybersecurity Center of Excellence and will work with a consortium to tackle identity theft and fraud in e-commerce through multi-factor authentication.
 

August 09, 2017

Rivetz has announced its collaboration with National Cybersecurity Center of Excellence(NCCoE) on the Multifactor Authentication for e-Commerce project. Rivetz will participate in a consortium to contribute expertise to create an example implementation guide that online retailers can implement to reduce fraudulent online purchases.

August 08, 2017

Callsign, CA Technologies, Rivetz, RSA, Splunk, TokenOne, and Yubico, have joined the National Cybersecurity Center of Excellence (NCCoE) as technology collaborators in the Multifactor Authentication (MFA) for e-Commerce project.* In response to a call in the Federal Register, these companies submitted capabilities that aligned with desired solution characteristics listed in the project description...

August 08, 2017

Rivetz today announced it has been selected by the National Cybersecurity Center of Excellence (NCCoE), part of the National Institute of Standards and Technology (NIST), to collaborate on its Multifactor Authentication for e-Commerce project.

June 19, 2017

NCCoE security engineer Bill Fisher will be presenting a session on NCCoE projects on June 19 from 9am to 12pm at the Cloud Identity Summit. Presentations will include overviews of the Mobile Application Single Sign-On project and the Multifactor Authentication for e-Commerce project. NCCoE security engineer Christopher Brown will present a deeper dive on the NCCoE's Derived PIV Credentials project on June 22 at 11:15am. The summit brings together the best of industry and enterprise presenters and experts to share insights and to synthesize new ideas. The summit will be held from June 19-22 at the Sheraton Grand...

December 20, 2016

The National Institute of Standards and Technology has announced a new opportunity for industry collaboration on multifactor authentication technology, in an effort to increase the security of online identities and reduce risk of online fraud.

November 14, 2016

We know the importance of safeguarding our credit cards—we don’t leave them laying around in plain sight and we don’t share our PIN numbers. We are discriminating about where we save our credit card information online, and most of us try to use good passwords. However, we also know that there are malicious actors that want this information and are increasingly adept at retrieving it despite our best efforts.

June 05, 2016

NCCoE security engineer Bill Fisher will be presenting a session on multifactor authentication in the retail sector and identity and access management in the Internet of Things (IoT) space on June 6 from 9am to 12pm at the Cloud Identity Summit. The summit brings together the best of industry and enterprise presenters and experts to share insights and to synthesize new ideas. The summit will be held from June 6-9 at the Mariott New Orleans in New Orleans, LA.

May 17, 2016

According to the National Cybersecurity Center of Excellence (NCCoE), there’s evidence that PII is now worth much more on the black market than credit card numbers, and the implementation of EMV in the U.S. will likely lead to a surge in counterfeit cards and other types of fraud. Regulations and standards around protecting PII have emerged overseas, but not so much in the U.S. So, the NCCoE is taking public comment on a project around securing non-credit card and sensitive consumer data.

May 15, 2016

The National Cybersecurity Center of Excellence (NCCoE) is seeking public comment on a project aimed at reducing retail fraud in the U.S. The catalyst for the project is the uptick in fraud among European retailers since the rollout of EMV chip-and-PIN (CNP) technology a decade ago.

April 24, 2016

NIST Deputy Director and NCCoE Senior Security Engineer Bill Newhouse will present Working Together: Addressing Retail Cybersecurity with Standards and Best Practices on Monday, April 25 from 10:40am to 11:30am at the Retail Cyber Intelligence Summit in Chicago. This session will focus on specific challenges in the retail and payment ecosystems and how the NCCoE is working with stakeholders from across the retail ecosystem to address important retail cybersecurity issues.

Location
Hyatt Regency Chicago
151 East Wacker Drive
Chicago, Illinois 60601

March 21, 2016

Cybersecurity incidents affecting consumer-facing businesses threaten the financial security of companies and the public, weakening consumer confidence, eroding individual privacy protections, and damaging the brand value and reputation of businesses.

Join the National Cybersecurity Center of Excellence (NCCoE) for a public workshop to help consumer-facing businesses improve the security around their payment ecosystem and better protect consumer information. Dive into technical issues, architectures, standards, and best practices surrounding multifactor authentication of online transactions and secure handling of sensitive, non-credit card consumer data with some of the brightest minds in this area.

March 10, 2016

With attacks on America’s largest retailers continually in headlines, adaptable secure solutions are required. A 2014 Deloitte report on retail cybersecurity revealed that 100% of retailer survey respondents listed “theft of customer data” as their primary concern, followed by breach-related costs, and financial fraud. The retail industry is hungry for solutions that can not only be implemented today to solve current problems, but can also help mitigate future security issues. While challenges persist, innovative advances in cybersecurity technologies present new opportunities to increase security while maintaining business operations. To...

November 18, 2015

Recent, well-publicized cybersecurity incidents within the retail space has impacted the industry—weakening consumer confidence, eroding privacy, and damaging businesses’ brand and reputation. As the holiday season approaches, increasing cybersecurity at the point of sale and for payment technologies has become a critical priority for consumer-facing businesses. Join us for a lively discussion on the trends and challenges to improving cybersecurity in the retail industry.

Registration is free and required. 

Details

Time: 10:30 am - Noon

Agenda and Speakers:

May 17, 2015

The National Institute of Standards and Technology announced Friday it is extending the deadline for public comment on a draft report on securing consumer data until July 17.

May 14, 2015

To allow industry more time to prepare and submit comments, the National Institute of Standards and Technology (NIST) has extended the deadline for comments on its draft NISTIR 8050 report, focused on cybersecurity challenges in consumer-facing industries.