Loading…
AstriCon 2017 has ended
Back To Schedule
Wednesday, October 4 • 1:00pm - 1:45pm
Asterisk and Multi-Factor Authentication

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Multi-Factor Authentication (MFA) is a common way to reduce account takeover on websites (and apparently on Asterisk machines as well). While almost everyone knows how to use Asterisk to make automated phone calls that announce the user it’s 4-6 digits code, Not everyone knows how to use Asterisk to bypass just that. This talk will present two relationships between Asterisk and MFA: Using MFA to protect your Asterisk AND using Asterisk to bypass E-commerce MFA while focusing on following subjects: 1. How to use MFA solution to protect your Asterisk system from unauthorized phone calls, including implementation for the following scenarios: * Requiring MFA upon agent login/DISA. * Requiring MFA when originating suspicious phone calls. * `MFA everywhere` when needed. 2. How to use Selenium (browser automation tool) and Asterisk to automatically bypass MFA on websites: * Why does websites use MFA? * Short introduction to Selenium. * How to automate the reception of a verification code through phone call using Asterisk and a cloud native language analysis service. * How to protect YOUR website’s MFA from such tricks. This session features multiple code samples and live demos.

Speakers
avatar for Or Polaczek

Or Polaczek

Lead Mobile Engineer, Forter
"I am a software developer with 8+ years of experience. As a Research Engineer at Forter, i'm developing new methods aimed to help e-commerce merchants prevent credit-card fraud on their website / call centre. Before I've started working at Forter, I helped creating a cross-platform... Read More →


Wednesday October 4, 2017 1:00pm - 1:45pm
Champions Gate

Attendees (11)