Biometrics and behaviour-based authentication on the risehttps://securityitsummit.co.uk/wp-content/uploads/2018/08/Passwords.jpg 960 640 Stuart O'Brien Stuart O'Brien https://secure.gravatar.com/avatar/81af0597d5c9bfe2231f1397b411745a?s=96&d=mm&r=g
A new survey suggests our relationship with passwords to identify ourselves online is shifting.
For some of us, it’s shocking to consider single-factor authentication is even in use today, given that poor password habits and stronger computing power has led to an increase in hacking-related breaches involving either stolen or weak passwords.
But a Callsign survey has revealed that a knowledge-based approach, such as passwords, for accessing online accounts is now favoured by less than half of UK and US respondents (45% on both sides of the Atlantic).
Over the last few years, increased availability of biometric tools on laptops, tablets and smartphones has given consumers a taste for biometric identification, and in the survey 30% noted a preference for sharing and storing biometric information (32% in the UK and 27% in the US) for identification when accessing an online account or making a purchase.
Bit it’s clear there’s still a long way to go in shifting consumer attitudes away from solely relying on passwords. Callsign says biometric information as well as behavioural biometric data – such as the way a user swipes their screen or their unique keystroke pattern when entering their password – need to become the norm, so companies can more intelligently identify anomalies and apply additional layers of security.
With employees frequently cited as the weakest link in corporate cybersecurity enforcement, it is no surprise that traditional passwords are preferred at work, where people’s reluctance to embrace more innovative methods of identification over a presumed ease of access is commonplace.
Knowledge-based identification was the most favoured by 56% of workers (58% in the UK and 51% in the US), while biometric methods were preferred by a mere 15% of workers.
Other insights from this survey include:
- Despite the high preference for knowledge-based identifiers at work (58% in the UK and 51% in the US), they are less favourable for personal use, where 46% noted they were preferred when logging in to check an account balance and 44% chose it for making a purchase or a balance transfer
- The UK tends to be more receptive to biometrics compared to the US, with 32% to 27%, respectively, noting they’d prefer it overall
- In the US, age is a significant factor as Baby Boomers (55+) are more receptive to passwords (46%) and biometric identifiers (31%) than younger respondents (aged 18-24), with 39% preferring passwords and 26% preferring biometric identifiers. Younger respondents (those 18 to 24) were more receptive to behavioural identifiers (12%) compared to those aged 55+ (4%)
“The study suggests we’re at a tipping point where our reliance on simple passwords is on a steady downward turn,” said Callsign CEO Zia Hayat. “Although two-factor and multi-factor authentication, along with biometrics, are an improvement, they are still flawed. Ultimately, we understand the privacy of users is paramount. Companies need to offer choice and control when it comes to the data that is collected and the identification methods used – another reason multi-factor identification is so limited.”
“However, there is a new realm of behavioural identification that is truly revolutionising and streamlining identification and improving customer experiences, all whilst minimising fraud. Here at Callsign, we’re creating a much more positive experience with greater protection and better privacy for the consumer or worker.”
Callsign commissioned YouGov Plc to conduct the survey. Total sample size was 2,131 adults in the UK and 1,160 adults in the US. Fieldwork was undertaken in August 2018.