Is it time to bid adieu to passwords and say hola to fingerprints? Are we finally moving towards a virtual world where the human body could be the key for accessing physical or virtual systems? Will biometrics sound the death knell on passwords or are we speculating a plot of a sci-fi movie? Is possession-based authentication (OTP, App based configuration to validate access) is a better way to look at MFA?
We may safely assume that password security has failed over a period of time. With uncountable number of passwords being required in different applications and getting compromised in the past few years, the security concern hovering around us has become a big predicament. And so, fingerprints are here to disrupt our way of life. It might seem invisible or minuscule, but biometric access is making inroads in a ‘creepy’ manner. Isn’t it now a new normal to use Touch ID on iPhones and iPads? With that thumbprint at the entrance of our office, it makes our presence felt in an organization in the most authentic manner!
The ongoing danger of falling prey to hackers and unbearable invasions to private information have proved detrimental to people and organizations alike. The loss has huge ramifications – access to bank accounts and details, credit history, records including health and wealth. This is like primarily giving away your identity to the hackers so that they are able to use it per their discretion.
But the question is, are we ready to swap fingerprints with passwords for identity verification? And, if not, why?
- “My fingerprints are everywhere, what if they are misused”: Blame it on CSI or sci-fi/thriller movies. We are paranoid that someone may steal our fingerprints and misuse them to access our accounts/details. But passwords are even more vulnerable to hacking. Sometimes even kids have the passwords of our devices, which may lead to unintentional data loss. With fingerprint access, you are assured that your personal information is protected against cyber-attacks, data breaches and scams. Recently, I established Touch ID on my iPad and now my family always asks for my thumbprint whenever they want to play on iPad or do anything on it. In a way, it has slowed down the easier access that was available without the thumbprint. Now they know that if they try to fiddle with the iPad in anyway, they will end up wiping it out. But what about my finger prints stored at some remote location. What if a sophisticated hacker gets hold of it? Once finger prints are stolen, they cannot be changed. Is there a better way? Perhaps, a possession based authentication.
- “It will slow down productivity of my employees”: A personalized access system translates into increased security with robust (in-time) access for the right user. Through such a process, companies would be able to bifurcate access as per individual’s requirement in a secure manner. Organizations might not have to worry about passwords being hacked or being handed over to other employees, resulting in malicious or unintended data theft and loss. Productivity may not hamper, as it would be a quicker way to access systems as well. However, in case of senior or management level employees, due to intervention of multiple assistants, there could be a propensity of a lag time. This could be circumvented by using manual intervention.
- “I am not sure if my thumbprint will actually keep away the hackers”: A valid point, as a single authentication system may not be the most secure one. However, using biometrics in combination with other access systems could ensure a robust technology. Implementing multi-factor authentication (MFA) would form a second line of defense, stepping up the authentication process. It could be a combination of query-based access – which could be intuitive in nature, pulling information from public records – or using one-time pass code sent on the mobile phone or utilizing Centrify’s app integrated on a user’s mobile phone to confirm access as one enters the system.
So, are we really witnessing a David here, about to kill Goliath? Maybe, not in the immediate future, but surely in the next 6-7 years, standalone password authentication would see a gradual decline. User-friendly and adaptive MFA, is the next step towards protecting credentials from being compromised.
Through a mix of various authentication tools, techniques and approaches, Centrify’s Multi-Factor Authentication (MFA) and Policy allows businesses to leverage technology for stronger security with integrated MFA for apps and VPN. Avancer can offer specialized support for implementation of MFA on users’ mobile devices for hassle-free Identity and Access Governance.
This post was originally published on Centrify’s Blog.