The Death of the Password Is Upon Us

Uploaded on 2016-06-17 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Technology has afforded consumers terrific conveniences, and with that, consumer patience has gradually dwindled. We now expect frictionless, real-time access to information, applications and networks. In light of the emphasis on convenience and the consumer experience, the traditional password is losing its foothold as the standard in authentication.

Consumers no longer have the patience to fill out lengthy registration forms, or the free brain space to remember dozens upon dozens of usernames and passwords.  In fact, a recent survey by Gigya found that 52 per cent of consumers would choose anything but a traditional username and password account registration when given the option.

Traditional passwords also invite trouble, as evidenced by the many reported instances of ID theft, which was found to have accounted for almost half of all fraud in the first quarter of 2015. Security risk is now a top factor driving consumers’ identity authentication preferences, with 26 per cent of our respondents also having had an online account compromised in the past 12 months.

Yet, the opportunity exists for brands to finally put the password out of its misery and drive the convergence of security and customer experience. They can do this by supporting advanced methods of identifying and authenticating users.

Mobile, social helping push popularity of advanced authentication techniques

With their reputation for bridging the security-consumer experience chasm, advanced authentication techniques have piqued the public’s interest. Consumers are increasingly opting to authenticate their identities on digital properties using their existing social credentials (like Facebook, Twitter and PayPal). They’re also becoming more comfortable with biometric and multifactor authentication. Biometrics requires the user to log in to a device using a fingerprint, voice, iris or now even an ear. Multifactor authentication requires information that, theoretically, only the user would know or possess: a knowledge factor (piece of information like where you were born), a possession factor (such as a token), or an inherence factor (fingerprint, etc.).

Our research also found that 80 per cent of consumers believe biometric authentication is more secure than traditional usernames and passwords. This year, the advanced authentication trend is expected to gain even more momentum, which may accelerate the traditional password’s death.

The growing interest in advanced authentication techniques is spurred by a number of drivers, including the availability of mobile phone-based biometric technologies, social login and mobile payment. In fact, research conducted by ESG shows that 41 per cent of enterprises are already using mobile devices for multifactor authentication. Another 44 per cent are or would consider using social login/identity credentials for authentication.

Surviving and thriving amid convergence of security, customer experience

The imminent fall of passwords and the corresponding rise of advanced authentication techniques means brands must refactor and re-implement their legacy identity and access management systems to support new types of credentials.

The added benefit in this move is that the user experience not only becomes more secure by virtue of advanced authentication, but also becomes frictionless and personalised. Certainly, logging in using a social identity or biometric factor is much less invasive and off-putting than having to come up with another password, or reveal at length (again) the user’s name, address, preferences and so forth at the time of registration.

While the traditional password is dying a slow death, the advent of biometrics and other advanced authentication technologies is quickly taking over. Savvy brands understand that advanced authentication affords stronger security, but not at the expense of the customer experience. Their next step is to embrace technologies that support advanced authentication, which will ultimately draw new customers looking for a secure, seamless and personalised user experience.

Informationsecurity:

« Son Of Stuxnet: Irongate Malware
FTSE Company Boards Struggle with Cybersecurity Management »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ASIS International

ASIS International

ASIS International is a global community of security practitioners with a role in the protection of assets - people, property, and/or information.

DataCore Software

DataCore Software

DataCore Software is a leader in Software-Defined Storage. Solutions offered include back up and disaster recovery.

Cybraics

Cybraics

Cybraics nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities.

NESECO

NESECO

NESECO is an IT security integration and consulting firm providing security products, solutions, support, consulting, and training services.

Belkasoft

Belkasoft

Belkasoft is a software vendor providing public agencies, corporate security teams, and private investigators with digital forensic solutions.

Pinpoint Search Group

Pinpoint Search Group

Pinpoint Search Group's recruiters specialize in Information Management, Cyber Security, Cloud and Robotic Process Automation (RPA).

Berkeley Varitronic Systems (BVS)

Berkeley Varitronic Systems (BVS)

Berkeley Varitronics Systems is an engineering think tank delivering custom wireless RF engineering products and solutions including cyber security.

Leidos

Leidos

Leidos is a recognized leader in cybersecurity across the federal government, bringing more than a decade of experience defending cyber interests globally.

Hexaware Technologies

Hexaware Technologies

Hexaware is an automation-led next-generation service provider delivering excellence in IT, BPO and Consulting services.

Almond

Almond

Almond is positioned as a key independent French player in audit and consulting in the fields of Cybersecurity, Cloud and Infrastructure.

RegScale

RegScale

RegScale helps organizations comply in real-time with multiple compliance requirements (NIST, CMMC, ISO, SOX, etc), scalable to meet the needs of the entire enterprise.

MainNerve

MainNerve

MainNerve helps secure networks, applications, people, and facilities… enabling businesses to reduce risk and increase their cybersecurity posture.

Xalient

Xalient

Xalient is an IT consulting and managed services business, specialising in modern, software-defined networking, security and communications technologies.

Safe Decision

Safe Decision

Safe Decision is an information technology company offering Cyber Security, Network, and Infrastructure Services and Solutions.

Innov8tif

Innov8tif

Innov8tif is an AI company specialised in providing ID assurance solutions — helping digital businesses to prevent frauds by verifying and authenticating customers identity.

Robosoft Technologies

Robosoft Technologies

Robosoft Technologies is a full-service digital transformation partner. We provide end-to-end digital transformation services in areas including cybersecurity.