Gartner Blog Network

Avivah Litan
VP Distinguished Analyst
12 years at Gartner
30 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Her area of expertise includes financial fraud, authentication, access management, identity proofing, identity theft, fraud detection and prevention applications…Read Full Bio

EMV PIN Credit Opponents should learn from Apple Pay

by Avivah Litan  |  October 20, 2015

The longstanding debate between merchants and the credit card companies over using PINs with EMV chip cards should not even be a debate in my opinion. PINs most assuredly provide more security for card use (and 70% less fraud than signature cards) and consumers comfortably use them for ATM and other debit transactions. Many banks […]

Read more »

EMV rolls out with lots of tension between retailers and card issuers

by Avivah Litan  |  September 30, 2015

Tomorrow marks the first day liability on card-present transactions will shift to retailers by default if they don’t accept a chip card that is presented to them at the point of sale. It’s like a cold splash of water – the day has finally arrived. Retailers have many decisions to make about how to cope […]

Read more »

Problems with EMV; Slower Check Outs and More Online Fraud

by Avivah Litan  |  July 24, 2015

EMV chip cards are no panacea. Yes they are much more secure than magnetic stripe cards but as it turns out, they are also MUCH less convenient for rushed shoppers like myself. I’m sure many of you are like me – in order to speed up your checkout at a grocery store you; a) Swipe […]

Read more »

Splunk and Microsoft acquisitions bode well for User and Entity Behavior Analytics (UEBA)

by Avivah Litan  |  July 20, 2015

Wow – two potentially lucrative acquisitions of UEBA vendors in less than weeks – Splunk acquired UEBA vendor Caspida for $190 Million and news sources report that Microsoft will acquire CASB/UEBA vendor Adallom for $320M, although this has not been confirmed. Security analytics and the integration of UEBA vendors and their machine learning technology is […]

Read more »

Where has all the Stolen Data Gone? And who the heck is “King S”

by Avivah Litan  |  July 1, 2015

I just returned from Israel where one of the more interesting sessions I participated in included an impromptu discussion with some very smart attendees, including former Israeli intelligence officers trying to answer a very basic question: “Where has all the stolen data gone and how is it being used? “ We have all been bombarded […]

Read more »

IRS Portal Problems should come as no surprise

by Avivah Litan  |  May 31, 2015

Recent headlines that criminals exploited identity proofing systems used at the IRS website should come as absolutely no surprise to anyone. What’s surprising to me is that anyone still relies on public PII (personally identifiable information) data when they know how widely it’s been exploited over the past few years. Criminal compromise of PII data […]

Read more »

ApplePay Fraud points to Looming Problems with Mobile Payments

by Avivah Litan  |  March 2, 2015

Last week, I participated in the ISMG Fraud Forum in Los Angeles, and one of the more interesting things I learned was how rampant ApplePay fraud is. Turns out the bad guys are loading iPhones with stolen card-not-present card information (which is much easier to steal than card present magstripe data) and essentially turning that […]

Read more »

What Healthcare needs to learn from Retail after the Anthem Breach

by Avivah Litan  |  February 7, 2015

It seems like every news analysis article on the Anthem healthcare insurance breach headlines that data encryption is the solution that will stop similar breaches in the future. Too bad these commentators’ have such short memories and forget what’s happened in the retail industry where PCI rules enforcing data protection (e.g. encryption, masking or other […]

Read more »

Where have all our Passwords Gone?

by Avivah Litan  |  January 22, 2015

“Young hackers have picked them everyone. Oh, when will they ever learn? Oh, when will they ever learn?” Not sure you remember this classic Peter Paul and Mary song but it is certainly appropros for the moment. Last August, the New York Times reported that a Russian crime ring had amassed the largest known collection […]

Read more »

The Hidden problems with Payment Card Security Technologies and PCI

by Avivah Litan  |  January 13, 2015

Ever since the high profile payment card data breaches, we have been getting lots of client inquiries around payment card security technologies — point-to-point encryption, tokenization and EMV. The first two technologies are being widely adopted by many U.S. companies, especially since nothing else seems to be working at keeping the bad guys out. For […]

Read more »