Magento applies 2FA for protection against card skimming attacks

Monday 20 July 2020 12:20 CET | News

Adobe has added two-factor authentication (2FA) via the Magento platform in response to the number of attacks where skimmer scripts are deployed on hacked ecommerce sites.

The purpose of these scripts is to steal customers' credit cards, Bleeping Computer reports. The Magento 2FA extension supports multiple authenticators including but not limited to Google Authenticator, Authy, Duo, and U2F keys. 2FA applies to Magento Admin users only and it is not available for online store customer accounts.

The Adobe Security Operations team suggests that roughly 75% of all web skimming (or Magecart or e-skimming) attacks were caused by the attackers being able to deploy card skimmer scripts on Magento Commerce websites via compromised admin accounts. The 2FA will help Magento admins to have an additional layer of authentication to decrease the attack surface for skimming attacks by preventing threat actors from gaining access to the site through the admin portal using a compromised account.

More: Link

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Magento, 2FA, fraud protection, card skimming, attacks, ecommerce, credit cards, fraud, accounts, authentication
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime

Industry Events