[Japanese Stocks] Password Leak and Hacking? What are the Related Stocks Gaining Attention Due to Security Enhancements? | Revisiting Market Themes. Analysts Unpack the Essence of the Themes | Moneyクリ MoneyX Securities Investment Information and Media Useful for Money.
The Nikkei average has shown a back-and-forth development after quickly absorbing the shock of tariffs. While the view that the tariff issue will settle into a realistic landing in the Capital Market is gaining traction, concerns over domestic economic trends are said to be holding back further gains. Given the rapid pace of recovery, we must not forget the perspective that a period of adjustment is needed here. In general, I perceive that the market has entered a somewhat "pause" phase.
However, it cannot be denied that there may be an increasing headwind for the time being. If we assume that the tariff issue has already priced in a moderate outcome, there is a concern that the risk of a more severe resolution, which would come as a negative surprise, could weigh on the market. The slowdown in personal consumption may become more pronounced in the future, and it is necessary to consider that more companies may anticipate a decrease in profits as they are unable to absorb the rising costs of labor and other expenses. I believe that the adjustment period for stock prices will continue for a while.
While the expansion of smartphone and PC usage makes things more convenient, password leaks have become a social issue.
Now, let's take up the theme of "password leaks." Nowadays, the use of smartphones and PCs has become common in daily life. The use of social media and email is of course a given, and the convenience has dramatically improved, extending to the use of QR codes for electronic money, cash transfers, securities accounts, and even the reservation and purchase of various tickets for transportation and leisure activities. In such cases, it is normal to require a password known only to the user in order to confirm that the operator is indeed the account holder, thus preventing unauthorized operations by malicious third parties.
However, as you all know, the fact that the leakage of this password to the outside and the resulting unauthorized manipulation has become a serious social issue is also well-known. It can be said that the opportunities for passwords to be leaked have dramatically increased due to phishing sites, malware infections on devices, and hacking of websites.
The takeover of securities accounts, which has become a hot topic in recent years, is a typical example, and the damage caused by obtaining passwords from phishing sites, etc., infiltrating securities accounts, and buying and selling there without permission has increased sharply since this April. Securities companies are rushing to take measures such as introducing stricter identity verification systems for online transactions. It should be considered that the possibility of such large-scale damage occurring in the future is high. Similar events may occur not only in securities, but also in industries such as banking, real estate, and fund settlement. The use of smartphones and PCs has greatly improved convenience, but at the same time, it can be said that new risks that were previously unimaginable have also arisen.
Enhanced Defense with Multi-Factor Authentication (MFA), but There are Drawbacks
Currently, many systems being implemented for the protection of user accounts include multi-factor authentication (MFA). This method combines several elements to block access from anyone other than the user, including knowledge factors that only the user knows, such as regular passwords, biometric factors like facial and fingerprint recognition, and ownership factors using the PC or smartphone being used. As a result, the defense capability against unauthorized access has significantly improved compared to cases where only passwords were used.
However, there is a disadvantage that the operator will incur a considerable cost burden, and the increase in authentication steps may lead to a decrease in user convenience. Considering the risk of damage due to unauthorized access, it can be said that a slight increase in cost and a decrease in convenience is unavoidable, but it is clear that it is troublesome from the user's point of view. As a result, it is also certain that if users leave the company, there will be no source or child in the operation.
Don't Use Passwords! What is FIDO2 that Mitigates the Disadvantages of MFA?
Recently, a multi-factor authentication method called FIDO (Fast Identity Online) 2 has begun to rapidly gain popularity as it mitigates such disadvantages. FIDO2 is a form of multi-factor authentication, but what makes it innovative is that it does not use passwords. The idea is that to avoid password leaks, one should simply not use passwords at all.
This method involves pre-registering biometric information and other specific data on a particular device, and then accessing the server with information that matches that registered data. Furthermore, since the ownership information and biometric data are not retained on the server side (meaning that this information does not flow over the network), even if someone attempts unauthorized access to the server, they cannot penetrate into the account.
Interestingly, FIDO2 is an open standard, and the specifications are publicly available. Since it is not a service provided by a specific company, it is managed and operated by an industry organization called the FIDO Alliance. Considering the standardization of specifications and the promotion of its adoption, this approach seems effective. This organization was established in 2012 by several U.S. companies, and currently, around 200 companies from various nationalities participate as members.
Multi-Factor Authentication Tools, FIDO Alliance… Picking Up Security-Related Stocks
So, how about from the perspective of stock investment? First of all, in the multi-factor authentication tool, in addition to overseas companies such as Apple [AAPL], Alphabet [GOOGL], Microsoft [MSFT], Hewlett Packard Enterprise [HPE], and Okta [OKTA], domestic companies such as HENNGE (4475), GMO GlobalSign Holdings (3788), Nippon Telegraph and Telephone (NTT) (9432), Software Create Holdings (3371), Human Technologies (5621), and Mitsubishi Electric (6503) can be mentioned as related listed companies.
Regarding FIDO2, the FIDO Alliance has board level members from Japan, including publicly listed companies such as LINE Yahoo (4689), Mercari (4385), and NTT.
Additionally, listed companies such as Fujitsu (6702), Hitachi (6501), KDDI (9433), NEC (6701), Nomura Research Institute (4307), Rakuten Group (4755), SoftBank Group (9984), and Sony Group (6758) are included as members of the Sponsor Level.
That said, there is no such thing as an impenetrable defense system for eternity. One should be prepared for the possibility that even multi-factor authentication could be breached at some point (though I believe that if one has the ability and time to devise such a breaching system, it would be better spent elsewhere...). I imagine that the strengthening and updating of such security systems will always be required in the future.
View Original
The content is for reference only, not a solicitation or offer. No investment, tax, or legal advice provided. See Disclaimer for more risks disclosure.
[Japanese Stocks] Password Leak and Hacking? What are the Related Stocks Gaining Attention Due to Security Enhancements? | Revisiting Market Themes. Analysts Unpack the Essence of the Themes | Moneyクリ MoneyX Securities Investment Information and Media Useful for Money.
The Nikkei average has shown a back-and-forth development after quickly absorbing the shock of tariffs. While the view that the tariff issue will settle into a realistic landing in the Capital Market is gaining traction, concerns over domestic economic trends are said to be holding back further gains. Given the rapid pace of recovery, we must not forget the perspective that a period of adjustment is needed here. In general, I perceive that the market has entered a somewhat "pause" phase.
However, it cannot be denied that there may be an increasing headwind for the time being. If we assume that the tariff issue has already priced in a moderate outcome, there is a concern that the risk of a more severe resolution, which would come as a negative surprise, could weigh on the market. The slowdown in personal consumption may become more pronounced in the future, and it is necessary to consider that more companies may anticipate a decrease in profits as they are unable to absorb the rising costs of labor and other expenses. I believe that the adjustment period for stock prices will continue for a while.
While the expansion of smartphone and PC usage makes things more convenient, password leaks have become a social issue.
Now, let's take up the theme of "password leaks." Nowadays, the use of smartphones and PCs has become common in daily life. The use of social media and email is of course a given, and the convenience has dramatically improved, extending to the use of QR codes for electronic money, cash transfers, securities accounts, and even the reservation and purchase of various tickets for transportation and leisure activities. In such cases, it is normal to require a password known only to the user in order to confirm that the operator is indeed the account holder, thus preventing unauthorized operations by malicious third parties.
However, as you all know, the fact that the leakage of this password to the outside and the resulting unauthorized manipulation has become a serious social issue is also well-known. It can be said that the opportunities for passwords to be leaked have dramatically increased due to phishing sites, malware infections on devices, and hacking of websites.
The takeover of securities accounts, which has become a hot topic in recent years, is a typical example, and the damage caused by obtaining passwords from phishing sites, etc., infiltrating securities accounts, and buying and selling there without permission has increased sharply since this April. Securities companies are rushing to take measures such as introducing stricter identity verification systems for online transactions. It should be considered that the possibility of such large-scale damage occurring in the future is high. Similar events may occur not only in securities, but also in industries such as banking, real estate, and fund settlement. The use of smartphones and PCs has greatly improved convenience, but at the same time, it can be said that new risks that were previously unimaginable have also arisen.
Enhanced Defense with Multi-Factor Authentication (MFA), but There are Drawbacks
Currently, many systems being implemented for the protection of user accounts include multi-factor authentication (MFA). This method combines several elements to block access from anyone other than the user, including knowledge factors that only the user knows, such as regular passwords, biometric factors like facial and fingerprint recognition, and ownership factors using the PC or smartphone being used. As a result, the defense capability against unauthorized access has significantly improved compared to cases where only passwords were used.
However, there is a disadvantage that the operator will incur a considerable cost burden, and the increase in authentication steps may lead to a decrease in user convenience. Considering the risk of damage due to unauthorized access, it can be said that a slight increase in cost and a decrease in convenience is unavoidable, but it is clear that it is troublesome from the user's point of view. As a result, it is also certain that if users leave the company, there will be no source or child in the operation.
Don't Use Passwords! What is FIDO2 that Mitigates the Disadvantages of MFA?
Recently, a multi-factor authentication method called FIDO (Fast Identity Online) 2 has begun to rapidly gain popularity as it mitigates such disadvantages. FIDO2 is a form of multi-factor authentication, but what makes it innovative is that it does not use passwords. The idea is that to avoid password leaks, one should simply not use passwords at all.
This method involves pre-registering biometric information and other specific data on a particular device, and then accessing the server with information that matches that registered data. Furthermore, since the ownership information and biometric data are not retained on the server side (meaning that this information does not flow over the network), even if someone attempts unauthorized access to the server, they cannot penetrate into the account.
Interestingly, FIDO2 is an open standard, and the specifications are publicly available. Since it is not a service provided by a specific company, it is managed and operated by an industry organization called the FIDO Alliance. Considering the standardization of specifications and the promotion of its adoption, this approach seems effective. This organization was established in 2012 by several U.S. companies, and currently, around 200 companies from various nationalities participate as members.
Multi-Factor Authentication Tools, FIDO Alliance… Picking Up Security-Related Stocks
So, how about from the perspective of stock investment? First of all, in the multi-factor authentication tool, in addition to overseas companies such as Apple [AAPL], Alphabet [GOOGL], Microsoft [MSFT], Hewlett Packard Enterprise [HPE], and Okta [OKTA], domestic companies such as HENNGE (4475), GMO GlobalSign Holdings (3788), Nippon Telegraph and Telephone (NTT) (9432), Software Create Holdings (3371), Human Technologies (5621), and Mitsubishi Electric (6503) can be mentioned as related listed companies.
Regarding FIDO2, the FIDO Alliance has board level members from Japan, including publicly listed companies such as LINE Yahoo (4689), Mercari (4385), and NTT.
Additionally, listed companies such as Fujitsu (6702), Hitachi (6501), KDDI (9433), NEC (6701), Nomura Research Institute (4307), Rakuten Group (4755), SoftBank Group (9984), and Sony Group (6758) are included as members of the Sponsor Level.
That said, there is no such thing as an impenetrable defense system for eternity. One should be prepared for the possibility that even multi-factor authentication could be breached at some point (though I believe that if one has the ability and time to devise such a breaching system, it would be better spent elsewhere...). I imagine that the strengthening and updating of such security systems will always be required in the future.