Is Passwordless Authentication the Next Big Step?
Cyber criminals are daily finding new and inventive ways to breach our online defences, to hack our websites, to defraud us (and our customers, suppliers, employees and families), and to generally force us to spend more and more valuable resources on protecting ourselves.
The question is, are passwords still the answer? We start off with some concerning stats in this regard and a discussion on how having to constantly manage passwords is impacting on both our businesses and the global economy. Which brings us to the million dollar question: “Could passwordless authentication be the way to go?”
This is an evolving topic – don’t get left behind!
Consider these facts:
- Over 80% of hacking is password related.
- In the first world the average cost of fixing a successful hack is $3.9 million.
- The average person spends 11 hours a year changing or resetting his or her passwords. For a company with approximately 15,000 employees, the cost of this is $5.2 million per annum, including a cost of $1 million for password resets alone.
- This average person has between 25 to 85 passwords for the various applications he or she uses.
- In online retail, 90% of attempts to get into the website are by hackers who have a success rate of about 1%.
The implications for world economic growth and for business
These statistics adversely impact customers who find using the internet a stressful experience and thus often limit the time they spend on the Web. Research indicates that most consumers will pay a premium to have a pleasant online experience – no passwords expired, no one time pins etc.
For businesses the main issue is the time spent in ensuring their internet gateways are safe from hackers to avoid the reputational and other damage they will suffer if they are hacked. Invariably, this leads to more complexity which scares off customers, encourages hackers to find flaws and so the spiral continues.
Nor is this only dragging down businesses, it also has a sizeable effect on the global economy. Just look at the world’s ten largest companies:
The seven companies shown in blue above are based on a “platform model”, highlighting the importance of this issue to the world’s economy. With seven of the companies in the tech sector and two in financial services (Berkshire Hathaway, J.P. Morgan), it is obvious just how important their internet platforms are to their success.
The solution
A good solution will need to have the following elements:
- Security, for obvious reasons.
- Privacy – with the pending full commencement of the Protection of Personal Information Act this will become an even more important element.
- Sustainability – it needs to be robust, flexible and long lasting.
- Inclusive – with the rapid breakout of people into distinct groupings (LGBT, #Metoo etc), the solution must cater for all these needs.
- Scalability – as the world is making greater use of the internet, any new system must be able to rapidly scale up.
- Pleasant user experience – it needs to be easy to use.
This solution should move away from passwords towards alternatives like biometrics (facial recognition, fingerprint authentication and the like), QR code authentication and even to the system recognising unique habits you have like how you toggle a mouse.
These solutions are becoming more available and in the US companies which have moved away from passwords are finding their sales line growing, costs being reduced, productivity rising and happy customers.
Make sure you don’t lag behind your competitors in this important developing field.