Consumers recognize biometrics security tops passwords, Experian says
Consumers have finally lost faith in passwords, Experian says in the new version of its annual Global Identity & Fraud Report, with physical biometrics like facial recognition and fingerprints a preferred method of authentication. The survey comes just as the FIDO Alliance reports that social media account compromises have become so wide-spread that almost half of UK consumers have experienced them, or know someone who has.
Other authentication methods consumers recognize as more secure than passwords include PIN codes sent to mobile devices, and passive behavioral biometrics. It marks the first time in four years passwords were not among consumers’ top three choices.
“The top three methods consumers prefer actually give people the added security they desire when accessing their accounts,” comments Eric Haller, Experian’s EVP and general manager of Identity, Fraud and DataLabs. “Consumers want to be recognized digitally without extra steps to identify themselves, and they don’t want to remember yet another password. They are open to more practical solutions in today’s digital era.”
The report also found that consumer online transactions have increased by 20 percent since the pandemic began.
Nearly half of consumers under 40 (48 percent) and 37 percent of those over 40 feel safer using biometrics for security than before the pandemic. Fraud concerns have increased in almost exactly the same proportions.
Social media security not clear to consumers
Social media hacks are not confined to celebrities and influencers, but 26 percent of consumers say they are not familiar with two-factor authentication options or using them, according to research from the FIDO Alliance.
A large number of consumers (43 percent) report feeling like they should increase the security of their social media accounts when they learn of an account takeover, yet not following through with any action.
Creating a stronger password is the most popular action taken when people do make a change.
All social media services offer simple two-factor authentication with SMS one-time passwords (OTPs), and most, including Facebook and Twitter, provide an option for authentication with biometrics or physical tokens through FIDO security keys.
“You may think that well-known individuals with mass followings are the only target, but our research shows that a much larger number of people have been affected,” says Andrew Shikiar, executive director of the FIDO Alliance. “Social media accounts are prime targets, as they hold so much of a user’s personally identifiable information (PII). Yet, our research shows a disconnect between the need for stronger security for social media accounts and consumer awareness of how to take action.”
Shikiar notes that Twitter and Facebook have made stronger security measures available, and suggests that consumers need to know what they are and how to use them.