Future of Authentication 2020

Issue link: https://raconteur.uberflip.com/i/1243008

Contents of this Issue


Page 7 of 19

F U T U R E O F A U T H E N T I C A T I O N 08 1 2 3 Multi-factor authentication Multi-factor authentication, or MFA, requires you to have more than just your username and password to log in to an account. After you enter your username and password it also requires a second piece of informa- tion, such as biometric authentica- tion of your fingerprint, that can't be easily spoofed by an attacker. Other methods include receiving a SMS one-time code on your smart- phone that must be entered along- side the username and password or the use of a hardware factor, such as Google's Titan Security Key. The good news is there is already broad awareness and usage of MFA. According to LogMeIn's 2020 Psychology of Passwords report, 54 per cent of surveyed organisations As cyber attacks increase in frequency and complexity, organisations are investing in security solutions that go beyond passwords. With 60 per cent of hacking incidents now involving the use of stolen credentials, here are five ways companies can use authentication to provide additional layers of protection Five key ways to strengthen your enterprise security Christine Horton C Y B E R S E C U R I T Y worldwide say they use MFA for their personal accounts and 37 per cent use it at work. While it dramatically increases business security, one downside is that MFA requires users have a smartphone, or biometric reader or card-reading device at hand. This desire to reduce user friction is one reason why some digital service providers still rely on inherently unsecure passwords. Biometric authentication A type of MFA, fingerprint, iris, face and voice recognition are already found on most smart- phones, tablets and computers. The use of biometrics to ensure business security is also gain- ing popularity, with LogMeIn's research reporting 65 per cent of organisations trust fingerprint or facial recognition more than tradi- tional text passwords. Indeed, HSBC UK recently announced that its VoiceID voice biometrics system prevented almost £400 million of customers' money from falling into the hands of tele- phone fraudsters last year, with the rate of attempted fraud doubling, year on year. However, Andrew Shikiar, executive director of the FIDO Alliance, which develops and promotes authentica- tion standards, says breaches such as that against the Biostar 2 platform in August 2019 demonstrate the risks associated with mismanagement of user biometrics. "While it's certainly inconvenient and damaging to have your pass- word stolen, the impact of a stolen biometric is far worse as they inher- ently cannot be changed," he says. Adaptive/risk-based authentication There are a host of security tech- nologies that work unseen to val- idate the legitimacy of the person requesting digital access. One such method is the use of secure smartphone and tablet apps that have built-in security controls, such as a biometric scanner. Other approaches include examining the login device to check for the presence of a secure dig- ital token, as well as comparing each login with previous behaviour, which can include the IP address used and geographic location.

Articles in this issue

Links on this page

Archives of this issue

view archives of Raconteur - Future of Authentication 2020