The Death of the Password Is Upon Us

Technology has afforded consumers terrific conveniences, and with that, consumer patience has gradually dwindled. We now expect frictionless, real-time access to information, applications and networks. In light of the emphasis on convenience and the consumer experience, the traditional password is losing its foothold as the standard in authentication.

Consumers no longer have the patience to fill out lengthy registration forms, or the free brain space to remember dozens upon dozens of usernames and passwords.  In fact, a recent survey by Gigya found that 52 per cent of consumers would choose anything but a traditional username and password account registration when given the option.

Traditional passwords also invite trouble, as evidenced by the many reported instances of ID theft, which was found to have accounted for almost half of all fraud in the first quarter of 2015. Security risk is now a top factor driving consumers’ identity authentication preferences, with 26 per cent of our respondents also having had an online account compromised in the past 12 months.

Yet, the opportunity exists for brands to finally put the password out of its misery and drive the convergence of security and customer experience. They can do this by supporting advanced methods of identifying and authenticating users.

Mobile, social helping push popularity of advanced authentication techniques

With their reputation for bridging the security-consumer experience chasm, advanced authentication techniques have piqued the public’s interest. Consumers are increasingly opting to authenticate their identities on digital properties using their existing social credentials (like Facebook, Twitter and PayPal). They’re also becoming more comfortable with biometric and multifactor authentication. Biometrics requires the user to log in to a device using a fingerprint, voice, iris or now even an ear. Multifactor authentication requires information that, theoretically, only the user would know or possess: a knowledge factor (piece of information like where you were born), a possession factor (such as a token), or an inherence factor (fingerprint, etc.).

Our research also found that 80 per cent of consumers believe biometric authentication is more secure than traditional usernames and passwords. This year, the advanced authentication trend is expected to gain even more momentum, which may accelerate the traditional password’s death.

The growing interest in advanced authentication techniques is spurred by a number of drivers, including the availability of mobile phone-based biometric technologies, social login and mobile payment. In fact, research conducted by ESG shows that 41 per cent of enterprises are already using mobile devices for multifactor authentication. Another 44 per cent are or would consider using social login/identity credentials for authentication.

Surviving and thriving amid convergence of security, customer experience

The imminent fall of passwords and the corresponding rise of advanced authentication techniques means brands must refactor and re-implement their legacy identity and access management systems to support new types of credentials.

The added benefit in this move is that the user experience not only becomes more secure by virtue of advanced authentication, but also becomes frictionless and personalised. Certainly, logging in using a social identity or biometric factor is much less invasive and off-putting than having to come up with another password, or reveal at length (again) the user’s name, address, preferences and so forth at the time of registration.

While the traditional password is dying a slow death, the advent of biometrics and other advanced authentication technologies is quickly taking over. Savvy brands understand that advanced authentication affords stronger security, but not at the expense of the customer experience. Their next step is to embrace technologies that support advanced authentication, which will ultimately draw new customers looking for a secure, seamless and personalised user experience.

Informationsecurity:

« Son Of Stuxnet: Irongate Malware
FTSE Company Boards Struggle with Cybersecurity Management »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CERT.hr

CERT.hr

CERT.hr is the national authority competent for prevention and protection from computer threats to public information systems in the Republic of Croatia.

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

Kenna Security

Kenna Security

Kenna Security is a risk intelligence & vulnerability management platform that helps prioritize and remediate vulnerabilities.

Efecte

Efecte

Efecte is a Nordic SaaS company specialized in IT Service Management, Self-Service, Identity Management and Access Governance solutions.

Bericon Forensics

Bericon Forensics

Bericon is one of the longest established forensic science consultancies in the UK. Activities include computer and mobile phone forensics.

Protiviti

Protiviti

Protiviti consulting solutions span critical business problems in technology, business process, analytics, risk, compliance, transactions and internal audit.

Cybernetic Global Intelligence (CGI)

Cybernetic Global Intelligence (CGI)

CGI is a global IT Security firm that helps companies protect their data and minimize their vulnerability to cyber threats through a range of services such as Security Audits and Managed Services.

Armorblox

Armorblox

Armorblox stops targeted email attacks such as 0-day credential phishing, payroll fraud, vendor fraud, and other threats that get past legacy security controls.

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions is an industry leading Data Sanitization Software, Hardware and Onsite Service Provider.

Ordr

Ordr

Ordr Systems Control Engine. The first actionable AI-based systems control engine for the hyper-connected enterprise. You’re in control.

OurCrowd

OurCrowd

OurCrowd is a leading equity crowdfunding platform for investing in global startups.

FourthRev

FourthRev

FourthRev is an education-technology start-up with a mission to solve the skills crisis of the Fourth Industrial Revolution.

Cyberplc

Cyberplc

Cyberplc is a global cybersecurity consulting firm providing services to government, the public sector and enterprises.

BioID

BioID

BioID are a German company offering deepfake detection, liveness detection, facial authentication & identity verification as a Service. 

Miggo Security

Miggo Security

Miggo is the first Application Detection and Response (ADR) platform on a mission to stop application breaches.

NetDescribe

NetDescribe

NetDescribe, part of Xantaro Group, advises and supports companies in building secure and stable IT environments.