The authentication layer that corporate America spent a decade building is now a liability. Listen to the podcast:The day MFA became the problem That’s the blunt assessment of Kevin Surace, chairman of Token, a Rochester, N.Y.-based security company … (more…) The post FIRESIDE CHAT: In the AI age, your MFA, authentication apps can be compromised in minutes first appeared on The Last Watchdog.

Security Boulevard is a leading cybersecurity news and information portal, offering articles, analysis, and insights on cybersecurity threats, vulnerabilities, and best practices. From the latest trends in cyber threats to expert commentary on security technologies and compliance frameworks, Security Boulevard provides resources for security professionals, IT leaders, and business executives seeking to protect their organizations from cyber attacks and data breaches.

Security Boulevard

Traditional MFA and authenticator apps are increasingly vulnerable to AI-assisted phishing attacks. Kevin Surace, chairman of Token, argues that software-based MFA is now compromisable in minutes, citing the Tycoon 2FA phishing kit which executed 96,000 successful breaches bypassing legitimate auth apps. Token's proposed solution is hardware-bound biometric authentication — devices like the Token Ring and Token BioStick that store fingerprints locally, cryptographically bind credentials to specific domains, and require physical proximity to complete login. Insurance carriers and the FBI are reportedly pushing organizations toward phishing-proof biometric authentication as a new baseline standard.