A future without passwords?
Today is world password day. So here is a blog on this very topic.
Almost half of Brits (47%) have either never changed the password to their email account since setting it up, or have only done so when forgetting or in response to a hack
Passwords… it’s safe to say that they’re the bane of our lives. Little wonder that so many of us resort to using passwords that we really shouldn’t.
In November of 2016, 6.8M records were ‘pwned’(ie had their passwords stolen and pasted onto the internet for all and sundry to see). But the most depressing part of this breach was the fact that 1,910,144 passwords out of 2,232,284 were already available online – they’d already been leaked and pasted to the internet in previous hacks. This is actually pretty unsurprising, when you consider that the following (scarily insecure) passwords were commonplace…
“Passwords date from 1964 – I don’t need to point out how absurd it is that we’re still using them to protect ourselves over half a century later, with all the technology advances – and threats – we’re subject to today”.
The future – will it be free from passwords?
Banks have been funnelling money into identity management technology for decades, and it’s only now that we’re beginning to see the fruits of their labour. Natwest has launchedthe first biometric credit card, while HSBC, Santander, RBS, Citibank and Barclays now offer fingerprint technology. Barclays, Halifax, HSBC, Lloyds, Natwest and Santander also now, or soon will, offer voice ID, with telecom businesses, such as Vodafone and TalkTalk plus HM Revenue soon set to follow in their footsteps.
“Historically, user experience hasn’t been an area for banks to compete on – competition has largely focused on price and scale. Now however, improved user experience, such as a more secure, streamlined payment journey, is having much more of an impact. Particularly at a time when debt market spreads are incredibly tight”.
With the introduction of SCA, two-factor authentication is changing the way people pay. Soon to be in place for both online and offline transactions, consumers will be required to provide both biometric authentication (ie fingerprint or face recognition) and the possession of a device where the possession can be dynamically confirmed, such as a sim card or encrypted token). While this two-step security sounds as though it could add pain to the process of paying, it will in fact improve the experience beyond measure for consumers who have faced decades of frustration with passwords.
“Financial sector organizations in some countries are seizing far broader business benefits by exploiting new identity sources, biometrics and advanced analytics technologies to increase customer insight and service relevance, while reducing fraud, waste and abuse”.