By Andrew Shikiar, Executive Director and Chief Marketing Officer at FIDO Alliance
About 15 years ago, Bill Gates said when he spoke to an audience at a cybersecurity conference in San Francisco that passwords cannot meet the challenge of keeping critical information secure.
Fast forward to today, and we are still busy trying to create a world that is less reliant on passwords. Yes, passwords continue to be used despite industry experts agreeing that their use should be reduced if they are not to be totally replaced. Mainly because we are all creatures of habits and we normally go for better user experience over security. At the same time, businesses want to avoid the cost and complexity of developing and provisioning their own dedicated security solutions.
As we can no longer rely on passwords, we need simpler and stronger authentication. According to the World Economic Forum’s Global Risks Report 2019, as much as 81% of hacking-related breaches are tied to weak, stolen, or reused passwords.
As the Microsoft founder portended, these flimsy strings of alphanumeric characters and symbols have proved too easily compromised phishing or even simple social engineering.
Digitalization and the rise of the platform economy
Rapid digitalization has changed the way businesses interact with consumers. We are going online to work, to learn, to be entertained. We also rely on the internet to socialize with friends and stay connected with loved ones. Increasingly, our lives are tied to online structures — or what technologists call digital platforms. New businesses with all new business models designed to allow us to do all these things online are created each day. Increasingly, business transactions and trade are closely linked to these digital platforms.
Take e-commerce for instance. The e-Commerce Foundation have expected online transactions in Southeast Asia to almost double to $158.9 billion in 2021 from $83.4 billion in 2016.
The need for enhanced authentication of online identities is more critical than ever. A 2019 Identity Fraud Study by the Javelin Strategy & Research revealed that 14.4 million victims lost an alarming $1.7 billion to identity fraud in 2018.
Global pandemic brings cyber insecurity
The current global pandemic has also accelerated digital adoption. Businesses have had to quickly transition to a remote working and telecommuting workforce, and some in industries — like food & beverages and retail — had to move online as cities were being locked down.
During this time when the world was struggling to keep a global pandemic in control, the World Health Organization received a five-fold increase in cyber-attacks directed at the organization. Cybercriminals were impersonating WHO in emails and are targeting the public to channel donations to a fictitious fund.
Basically, cybercriminals will jump on these opportunities when people are anxious and confused. They will also take advantage of the careless, the uninitiated, and the under-protected —like how many of us are using our passwords now.
Digital identity authentication as part of business strategy
As digitalization continues to define what many are now calling a “new normal,” organizations will need reliable authentication tools that enhance digital trust while minimizing disruption to the user experience. Authentication is now crucial for businesses. It needs to be part and parcel of their efforts in interacting with customers and building brand loyalty.
At the forefront of the adoption of next-generation authentication technology is the financial services industry. Mastercard recently introduced the Identity Check Express to simplify consumer’s online shopping experience in India. The mobile-first authentication solution combines behavioral biometrics, the latest EMV 3-D secure technology as well as FIDO authentication standards to deliver an uninterrupted, yet secure shopping experience.
The new EMV 3-D secure authentication standards ensure an additional layer of security for making card-not-present (CNP) purchases. The new authentication standard has been updated to accurately reflect current and future market requirements, providing integration with digital wallets as well as traditional browser-based e-commerce transactions.
For businesses and consumers, this means better user experience and reduced risks as there is no central customer biometric dataset since the authentication data is stored on-device.
Staying ahead of identity theft
Most definitely, cybercriminals will continue to be active. They will be more organized and improve in sophistication and techniques. Businesses will need to keep one step ahead, or at least keep up, of evolving security threats in the new normal, or they risk being backward in cybersecurity awareness and preparedness. One of the first steps businesses can take in their cybersecurity journey is a step toward password-less authentication.