New Streamlined Ways of Authenticating People Quickly Proving Their Value
There is no one-size-fits-all approach to authenticating an individual’s identity. Today, the user is driving what authentication solutions should look like.
How do you confirm that people requesting access to your system and files are who they say they are? One way is to ask them to confirm their identity multiple times before granting access. Although this approach was chastised in the past for awkward or clunky user experiences, new streamlined ways of authenticating people are quickly proving their value.
Bad password habits pose vulnerabilities
As the saying goes: A chain is only as strong as its weakest link. The same mantra may be applied to a cybersecurity program, where a single weak lock can pose a critical vulnerability to an entire company’s network. In the case of authentication, internal employee slipups can render even the strongest digital locks obsolete. Passwords were responsible for 80 per cent of breaches in 2020.
From weak or easy-to-guess passwords, like ‘p@ssword,’ to the same password reused across multiple accounts, people cannot be trusted to create keys granting access to digital assets. But if multiple digital locks are created, each requiring a unique authenticating factor to grant access, it is theoretically harder to force access.
Address inherent vulnerabilities: authenticate beyond username and password
Multi-factor authentication (MFA), the use of multiple methods to authenticate, helps mitigate the vulnerabilities presented by weak password habits by requiring additional authenticating ‘factors’ before granting access. These factors can vary in terms of complexity but are usually something unique or known only to the individual. This ensures that if a single factor, like a password or PIN, is compromised, guessed or lost, other factors, maybe a birth date, remain to accurately verify the identity of who or what is trying to gain access.
“Imagine somebody is trying to hack an account and they correctly guess a user’s password,” says Chris Peel, VP Customer Engineering at Echoworx. “With MFA, they may try to log in, but the owner of the account gets a pop-up on their mobile device notifying them that someone is attempting to log in. Access can then be denied by the person – using this second factor of authentication.”
Advocate for user friendly authentication
There is no one-size-fits-all approach to authenticating an individual’s identity. The term is loose and can be applied to a variety of methods – from so-called ‘Strong Authentication,’ a variant of Two-Factor Authentication now a requirement for transactions over €30 in Europe, to hard-token authentication, where a physical token is required to gain access. These systems vary in the amount of security they provide – with some even deliberately hindering user experience to emphasize the importance of the access they provide.
Username/password logins were created at a point in time when the experience of the user was not a prime concern. Today, the user is driving what authentication solutions should look like. New digital variants help make authentication a relatively frictionless experience – with little to no impact on user experience. A bank portal, for example, might ask a banking customer for a password as one factor, or way, of authenticating their identity. But, if more stringent access controls are required, the bank may also demand a Time-Based One-Time Password (TOTP) – a single-use and time-stamped random code – issued from an app installed on the customer’s mobile phone. This additional verification is completed by the customer without leaving their mobile phone. The key: you must keep it simple. Mark Risher, who manages Google’s identity systems, says, “People won’t accept more security than they think they need.”
Authentication is an integral part of digital business
If digital trust is the new currency of customer experience, authentication is one of the locks holding everything in place. The average user assesses the safety of an email in just 20 seconds before replying with personal information, according to a survey conducted by Echoworx. Yet, three quarters of the same people will leave a company that mishandles their data. If people cannot be trusted to safeguard access to their own data, organizations need to ensure a single digital slip-up doesn’t enable fraudulent access.
By making sure that the right people enter and access the right information, strong authentication assures organizations that their entire network won’t be compromised by a single person – helping prevent breaches and compliance violations.
The future of authentication is about flexibility
A good user experience is no longer something organizations want – it’s something they need, and your customers expect. And any good experience comes down to how flexible a system is to accommodate user behaviours and changing situations. For authentication, this means access to multiple ways to ensure a recipient is who they say they are – from multi-step processes, like 2FA, to smoother streamlined passwordless biometrics.
But it’s also about the internal user experience. Did you know, for example, that an average employee spends about 11 hours a year entering and resetting passwords? While this may be alleviated with passwordless systems, it all depends on the unique authentication demands of your organization, business and industry.
Biometrics leading the way to passwordless solutions
From fingerprint readers to facial recognition, biometric authentication is the lock of choice for most existing devices – both desktop and mobile. And, by leveraging web standard APIs, like WebAuthn, organizations can use common devices to easily authenticate. Offering biometrics, along with six additional authentication options, Echoworx enables organizations to access encrypted communications in seconds – streamlining customer and employee experiences.