x
By using this website, you agree to our use of cookies to enhance your experience.
Sara Statman
Sara Statman
Founder & CEO
136  Profile Views

About Me

Sara is Founder & CEO of IDcheck, LetFaster and HireFaster, which provide Biometric Identity Screening, Fraud Detection, as well as automated Tenant and Employment Screening.

She has over 20yrs experience across Tier1 Banks, Hedge Funds, Brokers and Investment Advisors: ex-trader/quant, who moved into Risk, Governance, Controls, Regulatory Compliance, Market Surveillance and Technology.

She served as Vice-President of The Hedge Fund Association, holds an MSc Computer Science from Imperial College, an Honours Degree in Economics and speaks Spanish and French.

my expertise in the industry

- GRC (Governance, Risk, Compliance) & Internal Controls
- Technology: Real-Time Systems, Artificial Intelligence, Algos, Programme Management
- Analytics across numerous sectors: Financial Services, Fraud Detection, Biometrics, Business Intelligence



Sara's Recent Activity

Sara Statman
David, Thank you for raising such important issues. Passwords in general are known as "one factor" authentication. Multi-step authentication requires two physical passwords or codes. Typically this would be your login ID or e-mail as the first step then a One Time Passcode (OTP) sent by sms. However both of these are one factor as they are things “you know”. You may access an e-mail account from your mobile and receive the OTP through the same mobile so you are still only using one device. The authentication key is not part of the device itself, but rather information stored on the device. Furthermore, OTPs can be hacked through “social engineering”. This means hackers manage to intercept your mobile data and thus would have access to the OTP and your systems. To address these concerns, along came 2-Factor Authentication (2-FA). This means there must be two separate factors present before the user can login. The first factor is "possession" of a device: a smart phone, ipad, desktop or laptop. The second factor is "knowledge": PIN, Passcode or Biometric ID. A good analogy is a bank’s ATM card combined with a PIN. The pin needs to be used in combination with the card to allow account access. With on-line systems in general, instead of an ATM card, 2-FA relies on a user’s device plus a PIN or Passcode. For theft to occur the hacker would need to steal both the device and the knowledge of the PIN or Passcode. Key-Based, 2-Factor Authentication (2-FA): The Solution Used by LetFaster A superior alternative is key-based 2-FA. The PIN is neither transmitted nor stored so it cannot be hacked or stolen. When a new user signs up, the user downloads the app, enters a PIN and remembers the PIN, the same as they would for an ATM card. Furthermore, the PIN is always entered on the app’s special keypad, not on the keyboard/keypad of the device. This is a significant improvement as it prevents a keylogger from recording what you type. If your device is stolen, the PIN would fail after a few incorrect attempts. In this instance the only way to obtain the PIN remotely would be accessing the device’s camera, so for additional security the user could hide the camera lens while typing the PIN. Anyone wishing to upgrade security and integrate our secure Key-Based 2-FA into their own systems may contact us at info(at)letfaster.tech. LetFaster is a division of IDcheck Limited.

From: Sara Statman 17 September 2020 08:59 AM

HBB Solutions HBB Solutions HBB Solutions