Financial organisations must wake up to the true value of passwordless and biometric authentication
UniCredit has revealed a data breach resulting in the leak of information belonging to three million customers. This marks the third occasion that their customer account data has been lifted by hackers. In July 2017, the Italian global bank said hackers had accessed client data in two separate attacks, in September and October 2016, affecting 400,000 customers. Considering 81% of all data breaches are from compromised passwords, financial organisations need to turn to passwordless solutions and take a strategic approach to implement multifactor authentication based on biometrics. This redefined strong authentication for the digital age is truly a business differentiator.
Cybersecurity has thus far failed to keep up with the rapid rate of digital demands and technology transformation. Turning a security transformation to meet the expectations of the target audience into a business differentiator is the goal. As organisations take on the challenge of ensuring a high level of security whilst improving user experience, more firms are recognising that a mobile-first strategy builds consumer adoption and confidence quickly. Utilising consumer accepted technologies such as biometrics is a key part of an authentication strategy that migrates from legacy to disruptive innovation.
Leveraging widely adopted consumer technology, both through device possession and digital identity using biometrics, along with a vision that uses implicit artificial intelligence such as location and behaviour will deliver a continuous authentication model meeting the digital and cybersecurity requirements. Consumers expect a passwordless user experience that offers the highest levels of safety without risk of cyber breach through compromise or phishing but differentiates through the excellence of digital user experience comments Jason Tooley.
Jason Tooley, chief revenue officer at Veridium comments: “Eliminating the password from user authentication is more easily achieved with the adoption of a multi-factor approach using a combination of possession, biometrics and artificial intelligence. However, to view solely biometric authentication in isolation is myopic and overlooks the wider opportunity. The role of biometrics is not to just replace passwords, but to create a verifiable Digital ID that businesses and governments can use to improve user experience, productivity, and security.”
“The native biometrics used by many organisations are not secure enough in isolation and replay passwords, defeating the object of transitioning to passwordless. Native biometrics were designed for ease of access and convenience rather than multi-factor authentication using digital ID. Organisations will see the greatest value in incorporating a multi-factor approach that includes cutting edge behavioural biometrics, adding quality and strength through intelligence such as location and unique mannerisms.”
Jason continues: “Organisations who point to security breaches as a reason to avoid biometrics should look at innovation associated with encrypting the biometric data with techniques such as sharding or visual cryptography, which renders the sensitive biometric data unusable to the hacker. These concerns are to do with storage decisions, not the technology itself.”