Authentically You: Login Credentials Are Getting Cooler (and Smarter)
12 June 2017
Last time in this space we talked about strong passwords and how users and websites have unwittingly contributed to the growing problem of data breaches and international hacking. We discussed how common (and how obvious) certain password combinations are, and offered a few best-practice tips for creating longer, stronger and more random passwords. Some involve humans and others don’t.
However, while passwords (and password managers) are still used widely today, they are quickly taking a backseat to the next generation of authentication. The change isn’t happening overnight, as some industry experts claim. Instead what’s emerging is multifactor authentication that uses a number of modalities to ensure that you are really you.
Once again we are faced with an interesting dilemma: How do we raise the bar for authentication without forcing productivity into the ground? The answer could be a platform that offers a launching pad for the many ways your company secures its information capital. Let’s first take a look at some of the trends in multifactor authentication, and then peek at what a secure management platform would look like.
Voice authentication – This one is super popular with users, and is being used now by major financial institutions like Citi, who was the first Fortune 1000 company to do this sort of thing in the U.S. Over 250,000 people have opted in to Citi’s “agent-based voice biometrics authentication” solution, which identifies about 130 physical and behavioral characteristics within a person’s voice. (I wonder what my voice says about me, even on a good day.)
On-touch login – Fingerprint sign-in has been used for a while now, and Bank of America added this feature to their mobile banking app back in 2015. So did Chase and PNC. The functionality keeps getting better, but there is a big disadvantage: They can’t be reset. If a crook steals your fingerprint data, it could be much easier for someone to worm their way into your life (even with the 3-D reading that prevents someone from lifting a fingerprint from your phone).
Face scans – Another interesting biometric authentication method is the face scan. Wells Fargo uses this, along with voice recognition, in its mobile banking app. As cool as this is, people with disabilities might find it hard to sign in. Also there is the risk of spoofing, even if the sign-in requires a short video that shows your eyes blinking.
Iris scans - Speaking of eyes, the iris scan is rising again in popularity. Soon you’ll be able to use it at LAX to reportedly whisk your way through TSA and directly into the body scan. (I’ll believe that when I see it.) If it works, it’ll be awesome, but you will pay $179 for the service, at least for now. In any event, it’s a viable alternative when an accurate identity match is a must.
QR Codes – What if there’s bad Wi-Fi or cell reception? QR codes provide a great alternative. You don’t have to remember a long password, and if yours is a single-use QR code, all the better. We use these at the airport too, as well as in lots of proprietary applications. Plus, single-use QR codes can sometimes be used in place of hardware tokens, which can be easily lost or stolen.
There are lots of cool ways to verify identity – these are only a few. While each has its own set of tradeoffs, all of them can be used together on a single platform that offers strong, multifactor authentication. It is important the platform you choose is backed by security standards robust enough for your business, without becoming a pothole in your productivity.
Abby Cunningham is a San Francisco-based writer-at-large for Intralinks. She has over two decades of experience in the enterprise technology arena, and a strong interest in helping everyday professionals keep confidential information out of the hands of hackers and villains with practical, 21st-century best practices. Her other car is a bike.