Gartner Blog Network

Avivah Litan
VP Distinguished Analyst
12 years at Gartner
30 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Her area of expertise includes financial fraud, authentication, access management, identity proofing, identity theft, fraud detection and prevention applications…Read Full Bio

IRS Portal Problems should come as no surprise

by Avivah Litan  |  May 31, 2015

Recent headlines that criminals exploited identity proofing systems used at the IRS website should come as absolutely no surprise to anyone. What’s surprising to me is that anyone still relies on public PII (personally identifiable information) data when they know how widely it’s been exploited over the past few years. Criminal compromise of PII data […]

Read more »

ApplePay Fraud points to Looming Problems with Mobile Payments

by Avivah Litan  |  March 2, 2015

Last week, I participated in the ISMG Fraud Forum in Los Angeles, and one of the more interesting things I learned was how rampant ApplePay fraud is. Turns out the bad guys are loading iPhones with stolen card-not-present card information (which is much easier to steal than card present magstripe data) and essentially turning that […]

Read more »

What Healthcare needs to learn from Retail after the Anthem Breach

by Avivah Litan  |  February 7, 2015

It seems like every news analysis article on the Anthem healthcare insurance breach headlines that data encryption is the solution that will stop similar breaches in the future. Too bad these commentators’ have such short memories and forget what’s happened in the retail industry where PCI rules enforcing data protection (e.g. encryption, masking or other […]

Read more »

Where have all our Passwords Gone?

by Avivah Litan  |  January 22, 2015

“Young hackers have picked them everyone. Oh, when will they ever learn? Oh, when will they ever learn?” Not sure you remember this classic Peter Paul and Mary song but it is certainly appropros for the moment. Last August, the New York Times reported that a Russian crime ring had amassed the largest known collection […]

Read more »

The Hidden problems with Payment Card Security Technologies and PCI

by Avivah Litan  |  January 13, 2015

Ever since the high profile payment card data breaches, we have been getting lots of client inquiries around payment card security technologies — point-to-point encryption, tokenization and EMV. The first two technologies are being widely adopted by many U.S. companies, especially since nothing else seems to be working at keeping the bad guys out. For […]

Read more »

Who is the Government of North Korea?

by Avivah Litan  |  December 19, 2014

There is so much talk and skepticism about the perpetrators of the Sony attack – are they representing the North Korean government or are they a small band of crazy hackers? The discussion makes me recall a dinner I had about a year ago with a respectable Chinese Factory owner when I asked him if […]

Read more »

Where does North Korea get its cyber-hacking skills from?

by Avivah Litan  |  December 5, 2014

Many months before the alleged North Korean attack on Sony Pictures took place, a widely known fact in intel circles is that the Chinese and Russians are training North Koreans how to hack. Apparently, North Koreans are holed up inside a cement building inside China, learning these hacking skills, and after they are trained, these […]

Read more »

Retailers Brace for the Holiday Breach Season

by Avivah Litan  |  November 19, 2014

Holiday shopping season is upon us and is the busiest season of the year for hackers and shoppers alike. 2014 will be no exception and we should brace ourselves for more high profile cyber-attacks although this time, they are likely to gain much less public attention. Consumers have rightfully learned that they suffer little harm […]

Read more »

Token Collision and Point to Point Encryption Confusion ala ApplePay

by Avivah Litan  |  November 7, 2014

With all the excitement about ApplePay, big systemic problems are starting to surface on the retailer side. Here they are: a) Point to Point encryption confusion – Some vendors who certified their payment card applications for point to point encryption left out certification of the contactless payments since there was very little volume in the […]

Read more »

Apple Pay vs. CurrentC; will Merchants lose out again to Visa and MasterCard?

by Avivah Litan  |  November 3, 2014

The recent ruckus in the media about Wal-Mart, CVS and RiteAid and other national retailers refusing ApplePay has created bad PR for the fragmented retail sector. News commentators have been ranting on about how these merchants need to give consumers free choice and turn back on ApplePay acceptance. These comments reflect the great job Visa […]

Read more »