Chasing mules in Paraguay – my journey with fraud protection in the LatAm financial sector
The detection and combat of mule accounts are an ongoing problem that banks are trying to solve. Currently, I am working hard with Microsoft’s DFP engineering team and the WhoIAM architects to craft a solution that can eradicate this virtual plague that is getting out of hand, risking and compromising citizen accounts, and the reputation of financial institutions. -Muna Annahas
Continue Reading
Verified ID Experience: Part 2
The verifiable credentials spec is interesting enough to completely change the way we handle user identities. At the end of the day though, the thing that matters is getting it working and into the hands of real users. In this post, I'll walk you through how we implemented Entra Verified ID. - By Matt Takemoto
Continue Reading
Verified ID Experience: Part 1
Verifiable Credentials seeks to eliminate the need to store your passwords and sensitive data on someone else's server. Instead, you would store a credential that lives on your device. So, instead of the identity provider being the source of truth for "are you who you say you are", you and your device are. The spec also allows for a couple of interesting privacy-preserving features. Say you have a student ID card that has your full name and ID number - By Matt Takemoto
Continue Reading
Fraud Protection Beyond the Firewall: Protecting Government Funds From Digital Fraud
Presented by Ajith Alexander, Founder and Head of Product Management at WhoIAM and Sondra Feinberg from the Dynamics Fraud Protection division at Microsoft, this webinar demonstrates how Microsoft’s Dynamics Fraud Protection combined with Azure cloud is designed to mitigate all types of fraud from server to account and application-level attacks.
Continue Reading
WhoIAM joins the Microsoft Intelligent Security Association (MISA) and launches Rampart
WhoIAM has joined the Microsoft Intelligent Security Association and has launched its new product in the MISA partner catalog. The new product, Rampart, is an authorization engine and helpdesk administration tool for Microsoft Azure Active Directory (Azure AD) External Identities.
Continue Reading
Getting Power Apps Portal to work with Custom Policies in Azure AD B2C
Learn how to integrate Azure AD B2C into PowerApps using custom policies
Continue Reading
Implementing Password History in Azure AD B2C
Preventing users from using previously used passwords is an important industry requirement. In this blog, we look at how you can implement password history with Azure AD B2C.
Continue Reading
Using social identity providers to log into other websites, a first-person narrative
Matt Takemoto, our newest software engineer at WhoIAM describes how he revisited a Spotify account breach he experienced in the past after he started working at an identity/security company.
Continue Reading
Hashed Password Migration in Azure AD B2C
Migrating from an older identity and access management solution often requires some careful thought on how to port over hashed and salted passwords into your new IAM system. In this post, we will discuss how to deal with migrating hashed passwords from your current identity provider into Azure AD B2C
Continue Reading
How to Recognize and Prevent Credential Stuffing Attacks on Azure AD B2C
As a company implementing an IAM solution, it is essential to have a plan for mitigating hard-to-discover attacks like credential stuffing. Keep in mind that while you must enforce security measures, there’s careful consideration that needs to go into providing a highly secure authentication mechanism, while ensuring that the friction of logging into your app does not result in customers just dropping off and not completing a registration or sign-in.
Continue Reading
Setting Up A Helpdesk Experience For Azure AD B2C
We frequently get enterprise customers who are deploying Azure AD B2C for their consumer identity needs and have to carefully consider how their customer helpdesk needs to be prepared to deal with the transition to a new consumer identity platform.
Continue Reading