Are we at the tipping point for passwords?

Knowledge-based identification may be the preferred way to authenticate online, but for how long, as biometrics and behaviour methods gain favour?

  • 5 years ago Posted in
Passwords can be the bane of frustration for anyone creating or accessing accounts online. And a recent online survey conducted by Callsign, a London-based company with the mission to seamlessly validate an individual’s identification for every web, mobile and physical interaction, suggests our relationship with passwords to identify ourselves online is shifting.

 

It’s shocking to consider single-factor authentication is even in use today, given that poor password habits and stronger computing power has led to an increase in hacking-related breaches involving either stolen or weak passwords. Therefore, it’s reassuring that the Callsign survey showed a knowledge-based approach, such as passwords, for accessing online accounts is favoured by less than half of UK and US respondents (45% on both sides of the Atlantic).

 

Over the last few years, increased availability of biometric tools on laptops, tablets and smartphones has given consumers a taste for biometric identification, and in the survey 30% noted a preference for sharing and storing biometric information (32% in the UK and 27% in the US) for identification when accessing an online account or making a purchase. Still, it is clear there is still a long way to go in shifting consumer attitudes away from solely relying on passwords. Biometric information as well as behavioural biometric data – such as the way a user swipes their screen or their unique keystroke pattern when entering their password – need to become the norm, so companies can more intelligently identify anomalies and apply additional layers of security.

 

With employees frequently cited as the weakest link in corporate cybersecurity enforcement, it is no surprise that traditional passwords are preferred at work, where people’s reluctance to embrace more innovative methods of identification over a presumed ease of access is commonplace. Knowledge-based identification was the most favoured by 56% of workers (58% in the UK and 51% in the US), while biometric methods were preferred by a mere 15% of workers.

“The study suggests we’re at a tipping point where our reliance on simple passwords is on a steady downward turn.

 

Although two-factor and multi-factor authentication, along with biometrics, are an improvement, they are still flawed,” said Callsign CEO Zia Hayat. “Ultimately, we understand the privacy of users is paramount. Companies need to offer choice and control when it comes to the data that is collected and the identification methods used – another reason multi-factor identification is so limited.”

 

“However, there is a new realm of behavioural identification that is truly revolutionising and streamlining identification and improving customer experiences, all whilst minimising fraud. Here at Callsign, we’re creating a much more positive experience with greater protection and better privacy for the consumer or worker,” Hayat concluded.

 

Other insights from this survey include:

 

  • Despite the high preference for knowledge-based identifiers at work (58% in the UK and 51% in the US), they are less favourable for personal use, where 46% noted they were preferred when logging in to check an account balance and 44% chose it for making a purchase or a balance transfer
  • The UK tends to be more receptive to biometrics compared to the US, with 32% to 27%, respectively, noting they’d prefer it overall
In the US, age is a significant factor as Baby Boomers (55+) are more receptive to passwords (46%) and biometric identifiers (31%) than younger respondents (aged 18-24), with 39% preferring passwords and 26% preferring biometric identifiers. Younger respondents (those 18 to 24) were more receptive to behavioural identifiers (12%) compared to those aged 55+ (4%)
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...