Pell Grant and Direct Student Loan Fraud are two of the biggest obstacles plaguing institutions of higher education and the worst part is, there’s no immediate end in sight. In 2016, almost $4 billion was disbursed improperly. With the feds cracking down and looking at new funding models, it’s uncertain what the future holds for financial aid or how it will affect students and schools. The feds have responded with new regulations that now make Title IV funding dependent on whether you are compliant with adequate student ID verification. Don’t you not want to know about this?

The latest case study from Biometric Signature ID (BSI) examines a series of best practices that have been collected from our clients who are using BioSig-ID, the world’s first biometric password. Initially it was implemented as an academic integrity strategy to ensure institutions verify and authenticate online students, However, the serendipitous discovery of BioSig-ID’s success in deterring FSA fraud has expanded the application of BSI’s tool beyond the focus of its original intended use. BioSig-ID is a powerful tool used to identity fraudulent activity. Ultimately this saves the institution, legitimate students and taxpayers who are all affected in some way by federal student aid fraud. What are the two ways that the feds make the school pay the tab for fraudulent students?

Biometric Signature ID is a leader in the Identity and Access as a Service (IDaaS) market. To view the entire study please click here.

Recently, several of the world’s top professional poker players revealed that they have been victims of a hacker or group of hackers who took over some of their non-poker online accounts. The security weakness that allowed this to happen was one most people wouldn’t expect: two-factor authentication (2FA). 

One of the most common forms of 2FA is SMS text messaging using a person’s cell phone. It makes sense. Almost everybody has a cell phone – smart or otherwise – and can easily retrieve a pin and password via SMS technology. However, it’s not secure! In fact, in the latest draft of their Digital Authentication Guideline, the National Institute of Standards and Technology (NIST) noted that “using SMS is no longer recommended as a credible two-factor authentication system because of its many insecurities”.

In the case of the poker players, they requested sensitive personal information that was provided to them via SMS text messaging. This ultimately allowed someone to take over several of their non-poker related online accounts.

Ultimately the weak link is the cell phone company. Whether it’s ghost towers, negligent customer service representatives, a hacked phone, or a mass data breach it’s a known fact that cell phones are often a major source of personal identity theft and fraud. It’s also important to note that while this appears to be an isolated incident, it’s not. This time it was four professional poker players, but there’s no telling how many others could have been affected by this same breach, OR how many people are plagued by similar issues around the world each day for that matter.

The writing is on the wall or in this case your phone, so here’s what we know. 2FA authentication is out, multifactor authentication (MFA) is in (something you know, something you are). Biometric Signature ID has the solution you need to keep your personal identity safe. Using our revolutionary MFA biometric solution BioTect-ID, we can lock down a device, authenticate users in seconds and in the case of an attempted breach, revoke access. Cloud-based identity protection at your fingertips:

  • BioTect-ID (SKSA) now locks access to devices
  • BioSig-ID (SKSA) locks access to web applications

If you worry about the security of your customers call us. BioMetric Signature ID has proven id authentication with over 10 million uses in 95 countries. Cloud-based identity protection without software downloads or additional costly hardware. SMS alone cannot do that. 
 

 

The ability of telehealth companies to do business in Texas--the last major U.S. market stymieing the growth of video doctor consultations--cleared a key hurdle when a bill widening patient access cleared the House of Representatives.

The new legislation is the latest victory for the Telehealthcare industry. Passage has opened a market of 28 million people to telehealth companies like American Well, MDLive and Teladoc that all offer access to physicians and patients via smartphone, tablet or computer. In recent years, employers and private insurers have started embracing the trend as a way to make healthcare more convenient and avoid costly and unnecessary trips to the emergency room, or a more expensive physician’s office. But there’s still some side effects…

While Telehealthcare continues to help keep costs down and makes it more convenient for patients, there’s a lot of risk with web-based medical services. EMR records are stored digitally, E-script companies and patient portal systems typically still only require a pin and password for access and current authentication methods are outdated, costly and unreliable.

The fact is, data breaches are up. A recent Accenture study found that 26 percent of Americans, or more than one in four, had had their health care data breached—meaning that health systems need to step up their efforts when it comes to privacy. In 2015, Anthem, the largest health insurance company in the U.S. was subject to a massive data breach forcing them to pay a record $115M to settle data breach suit. If approved, this settlement will mark the largest payout to date for a data breach case.

The new legislation that was passed in Texas allows telehealth consultations between a physician and a patient AS LONG AS the clinician complies with certain standards such as use of “clinically relevant photographic or video images, but even this can be bypassed or hacked.

It’s time that patients demand stronger security measures and it’s up to providers and physicians to ensure that they stay vigilant in safeguarding personal information.

BioMetric Signature ID’s suite of products including BioSig-ID, BioTect-ID and BioProof-ID gives you the tools and confidence you need to successfully combat fraudulent activity. Proven with over 10 millions uses, our gesture biometric security combines a great user experience with an ID verification solution unlike anything else on the market today. Best of all, NO downloads or hardware required! Visit our web site today and take a test drive to experience BioSig-ID™ for yourself. 

 

VIRTUAL PROCTORING – Is It True The System Can Be Broken?

Virtual proctoring, it’s a service nearly everyone is familiar with. Created to help higher-ed institutions protect against cheating, the process is designed to be cheaper than brick and mortar proctoring methods which are typically very expensive. The problem is, it’s not effective.

With technology growing at an unprecedented rate, virtual proctoring companies are not equipped to deal with the emerging technologies and actors that seek to thwart their “cheat proof” systems.

Typically, when taking an online-proctored exam, students are required to have a computer, a monitor, a webcam, and in some cases, device of some sort to show the proctor that you do not have any notes taped to the side of your monitor. Proctors then use their remote access to take over control of your mouse and check the settings on your computer to ensure that you only have one monitor display and to disable your screenshot capability. Finally, the proctor then has you spin your webcam around the room so they can see where you are taking the test. 

In theory, as the test taker you’re stuck in front of your monitor with a webcam that shows everything to a proctor on the other end. Problem solved right? Well… not so fast.

A quick google search shows that these so-called “remote proctoring solutions” can be beat. Blogs and how-to guides like “How to beat online exam proctoring” or "Beating, Cheating, and Defeating Online Proctoring” are just a few places where students can receive information and training on how to cheat on a virtually proctored exam.

Students and faculty alike have also complained that virtual proctoring is intrusive, expensive and ineffective. In an article entitled “Students raise concerns about exam web tool ProctorTrack” the author notes that there is considerable skepticism about tools like ProctorTrack and their ability to combat cheating.

IN FACT, students have taken it upon themselves to demonstrate just how ProctorTrack can be bypassed and have created a guide for beating the system - “On Knuckle Scanners and Cheating – How to Bypass Proctortrack”.

Unfortunately, schools are being sold a feel-good system that students can now drive a truck through to cheat. Liability for collecting physical biometrics like face, fingerprints and the potential hacking of same are important to know about:  

At the end of the day, cheaters and frauds will always try to game the system. It’s been proven that proctoring does little to deter academic dishonesty as a whole. After all, if you know you will be watched you are generally on your best behavior, because cheating can expel you.

Sure, a proctored mid-term or final may keep most students honest, but what about the rest of the semester? AND since all the other gradable assessments that count for most of the GPA are not proctored and use a password to access, students use whoever they want to do the work for great grades. Depending on how a course is weighted, the proctored exam may only account for 30% of the overall grade while the other 70% of the course is fair game for cheaters.

Periodic authentication throughout a course semester is the key for stopping bad actors. If you’re looking for a solution that’s non-invasive, affordable and proven to work, check out BioSig-ID™. Make students happy. Deliver yourself from risk. Re-take control of the classroom.

Some college students are apparently willing to pay hundreds to off load a test or thousands for the whole course. Google “pay to do my homework” is the top monthly search phrase for the top sites most visited to rid one’s self of the onerous task of doing one’s own course work and to guarantee a good grade or your money back.  The phrase, “Do my chemistry homework,” is another top favorite for those who would rather pay than study. 

In 2014 when I first searched there were only a few companies in the business of taking student’s tests, but the field of competitors has grown.  I was the Dean of Academic Technology for Colorado Community College Online (CCCO) then and was looking for a solution to making assessments secure.  Faculty and administrators suspected that there was cheating going on, but we weren’t sure.  We didn’t really know how much it was.