Multifactor password-free security for computer access
This is a guest post by Ravin Sanjith, Program Director at Opus Research.
I’m sure you have experienced the ease of using TouchID to log into your bank account or to check your balance on your AMEX card. It sure beats having to remember or type in a complicated string of letters, numbers and special characters on your smartphone’s tiny screen. Or maybe you’ve used Alexa to order protein powder from Amazon on your tablet or smartphone. There is no doubt that convenience drives exponential usage.
There is an insatiable demand for delightful, friction-free experiences. Mobile authentication methods have gained acceptance among smartphone users, who are willing to experiment and adopt facial recognition, voice biometrics, fingerprint verification, and a wide range of other authentication options. But, when faced with a “security” roadblock, our immediate response tends towards abandoning our shopping.
Back at my desk, unfortunately, I have limited low friction options for accessing my computers for work. While I crave the same friction-free experiences that I enjoy in my mobile life, I am forced to follow the ”security-first” and “security over UX” policies that firms are obligated to implement in order to protect corporate assets.
Many login interfaces require passwords, and unfortunately due to the nature of passwords, users are always inventing ‘secret’ shortcuts that make it easier to log in, such as using password managers, reusing the same password, or crafting minor but predictable and guessable differences between their favorite password or passphrase combinations.
Unsurprisingly, hackers are always a few steps ahead of these wily schemes, which ultimately leads to breaches; Big Breaches! Most of the much-publicized mega-data breaches the past few years are due to compromised or stolen passwords. According to the 2017 Verizon Data Breach Incident Report, compromised passwords were responsible for 63% of all confirmed data breaches between 2016 and 2017. And the 2018 Verizon Data Breach Investigations Report, confirms the use of stolen credentials (hacking) as the #1 form of threat action. Unfortunately, it seems that 2FA solutions, including the likes of physical and virtual tokens have done little to stem the tide.
The common denominator is the password, and while much has been said to deprecate the user as the weak link in password management, viable alternatives have been scarce for computer users. Veridium believes that the answer may actually lie in leveraging sensor-rich smartphones, something that users are increasingly familiar with, and trusting of. Veridium has combined the security and convenience of smartphone capabilities to disrupt enterprise and personal computer access.
Offering both seamless UX and state-of-the-art, multimodal and multifactor security, Veridium has eliminated the challenges of unlocking and logging into a workstation by eliminating passwords altogether for both online and offline scenarios. A simple biometric scan from a smartphone and you are in. Into Citrix, Active Directory, Salesforce, Skype, DropBox, your corporate environment or any enterprise app that uses SAML.
I am excited to join Veridium on this webinar, Multifactor Password-Free Security for Computer Access on Oct 11 at 11 EST, where we will delve deeper into this innovative alternative to passwords. I am sure you are equally eager to hear how employees can be given more secure, low friction computer access while protecting themselves and their organizations.
In this webinar you will learn how:
● To enable secure password-free logins online and offline
● Advanced smartphone capabilities can be leveraged to improve access
● To reduce the risk of large-scale data breaches by eliminating passwords
Register for the webinar here.
About the author
Ravin Sanjith is a Program Director at Opus Research and has over 25 years’ experience in a range of small to multinational enterprises
DISCLAIMER: BiometricUpdate.com blogs are submitted content. The views expressed in this blog are that of the author, and don’t necessarily reflect the views of BiometricUpdate.com.