Cybersecurity Smartphone Hand

FIDO Alliance introduces tool to monitor uptake of passwordless authentication

The FIDO Alliance today launched its Online Authentication Barometer to track the uptake of secure authentication technologies among the general public. The Online Authentication Barometer provides baseline insights into the state of online authentication in 10 countries across the globe, including six in the Asia Pacific (APAC), with future releases of the barometer able to compare changes in behaviors and attitudes over time.

It reveals that biometrics, such as using fingerprints and face scans, are being used by at least 40% of people and are by far the most popular form of online authentication, second only to passwords. The barometer highlights how the adoption of biometrics for online authentication varies widely internationally, yet all countries surveyed reported at least 25% of the population are using biometrics in some capacity.

Biometrics is the most popular of possession-based and password-free authentication options, and data from the barometer reveals why. Over 3 in 10 respondents in APAC perceived biometrics to be the most secure way for people to verify their identity online, aligning with the trend worldwide. It was also the most popular method of logging in to their online accounts, apps, and smart devices, accounting for 29% of people surveyed.

Fido releases UX guidelines to speed up adoption of passwordless authentication
Raising the standards of authentication

“Time and time again we see data breaches, ransomware, and other attacks that leverage vulnerabilities associated with passwords and other ‘what you know’ forms of authentication — including OTPs as a second factor,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance. “The industry at large must shift toward possession-based factors such as biometrics and security keys that are not susceptible to remote attacks such as phishing, credential stuffing, and various forms of social engineering that frankly are difficult if not impossible for the average user to detect. We are pleased to establish and share the Online Authentication Barometer as a mechanism to track our collective progress toward a safer and more secure networked economy.”

Account protection

The Online Authentication Barometer also found encouraging data on people actively taking steps to protect their accounts from being hacked or compromised. The vast majority (84%) of people in APAC took action, suggesting high levels of awareness on the security issues passwords have. However, despite biometrics being recognized for better security, 18% of respondents still consider passwords to be the most secure way to authenticate themselves online, and 13% believe SMS OTPs are the most secure. This was ahead of some of the strongest methods available today, including authentication software (8%) and physical security keys (4%).

Of the 15% who didn’t take any steps to improve their online security, the majority said they didn’t know how (38%), with 27% saying it’s too complicated, and 18% believe a data breach or hack would not happen to them.