SlashID Launches Mutual TOTP to Combat Social Engineering Attacks

Severity: Medium (Score: 57.8)

Sources: edge.prnewswire.com, Morningstar, www.prnewswire.com

Summary

On April 21, 2026, SlashID announced the launch of Mutual Time-based One-time Password (TOTP), a cryptographic verification solution designed to prevent impersonation attacks, particularly through social engineering methods like vishing and deepfake impersonation. This new capability allows for bidirectional identity verification in real-time, addressing the significant trust gap that exists in traditional multi-factor authentication (MFA) systems. Social engineering accounted for 36% of all enterprise breaches last year, with vishing alone representing 11% of infection investigations. The Mutual TOTP solution operates without the need for biometrics, hardware tokens, or face scanning, making it less invasive and more practical for widespread use. It significantly reduces onboarding friction and privacy concerns associated with traditional identity verification methods. The solution is designed for various interactions, including employee-to-employee calls and vendor onboarding, and can be deployed quickly and cost-effectively. This innovation aims to enhance security in environments where traditional defenses have proven inadequate against sophisticated impersonation tactics. Key Points: • Mutual TOTP provides real-time, bidirectional identity verification without biometrics. • Social engineering was responsible for 36% of enterprise breaches last year. • The solution is designed for various interactions, enhancing security against impersonation.

Key Entities

• Scattered Spider (apt_group)
• Data Breach (attack_type)
• Phishing (attack_type)
• Caesars (company)
• MGM (company)
• Vercel (company)
• context.ai (domain)
• icrinc.com (domain)
• T1566 - Phishing (mitre_attack)
• Google Workspace (platform)