I truly believe we are about to turn the corner in finally replacing password-based authentication, but I am concerned that many organisations (some vendors and some end-user businesses) are getting a little distracted with the current flavours of the month.
Last month I posted a blog explaining why emojis are not the future of authentication. This week I find myself having similar conversations about selfies, following MasterCard’s announcement that it is experimenting with a mobile app, through which the customer poses for a selfie, blinks and hey presto they are authenticated!
Many of us use emojis and take selfies everyday (as well as using social networks which is another method being considered), so on face value it would seem to make sense to try and find ways of adopting them as authentication tools. However, passwords have been with us for a long time and don’t think that they are going to go in the blink of an eye!
From an end-user perspective passwords cause us headaches, because they are overused and as we all do so much online, we need to remember so many of them. Most of us solve this problem by using the same password (or variations of it), causing organisations major headaches as we compromise their security protocols. The thing is, we all want to be secure and protected but we are also impatient and don’t want to be inconvenienced, so we look for short cuts
Now, imagine this brave new world where passwords have been replaced by the headline hitting gimmicks. As it is the start of July you want to login to your online banking to check you have been paid. To do so you are asked to provide a fingerprint (biometric). Great news you have money in your account and it is time to renew your car insurance and they want you to prove you are who you say you are with a selfie. Next you decide to do your weekly shop but before you can arrange delivery you need to use your secret combination of emojis. Three different methods to authenticate. Suddenly passwords don’t seem so bad!
For all their failings passwords are ubiquitous in our society. There is an encouraging ground swell of support to displace them, but if they are to be usurped it needs to be with something that has the potential to become just as prolific and lasting, and crucially doesn’t cause the people who use them pain.