This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own

View analytic
Wednesday, October 4 • 1:00pm - 1:45pm
Asterisk and Multi-Factor Authentication

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Multi-Factor Authentication (MFA) is a common way to reduce account takeover on websites (and apparently on Asterisk machines as well). While almost everyone knows how to use Asterisk to make automated phone calls that announce the user it’s 4-6 digits code, Not everyone knows how to use Asterisk to bypass just that. This talk will present two relationships between Asterisk and MFA: Using MFA to protect your Asterisk AND using Asterisk to bypass E-commerce MFA while focusing on following subjects: 1. How to use MFA solution to protect your Asterisk system from unauthorized phone calls, including implementation for the following scenarios: * Requiring MFA upon agent login/DISA. * Requiring MFA when originating suspicious phone calls. * `MFA everywhere` when needed. 2. How to use Selenium (browser automation tool) and Asterisk to automatically bypass MFA on websites: * Why does websites use MFA? * Short introduction to Selenium. * How to automate the reception of a verification code through phone call using Asterisk and a cloud native language analysis service. * How to protect YOUR website’s MFA from such tricks. This session features multiple code samples and live demos.

avatar for Or Polaczek

Or Polaczek

Research Engineer, Forter
"I am a software developer with 8+ years of experience. As a Research Engineer at Forter, i'm developing new methods aimed to help e-commerce merchants prevent credit-card fraud on their website / call centre. Before I've started working at Forter, I helped creating a cross-platf... Read More →

Wednesday October 4, 2017 1:00pm - 1:45pm
Champions Gate

Attendees (11)