Broker Check

Are Passwords Obsolete?

February 08, 2021

By now it is a commonplace that Internet fraud using identity theft is a growing problem. Cyber criminals can take advantage of weak passwords to enter a user's network, or use a phishing email to get password information. According to research by Gartner, up to 50% of help desk inquiries are password resets.

In a post on Fraud Prevention Blog "Where  marketers go, fraudsters often follow" Sean Trundry discusses alternatives to using passwords for authentification.

Mobile device manufacturers have been using facial recognition and fingerprint scanners as "no password" authentification. The advantage to users is they apply to multiple accounts. The technology is in place for other means of covert authorization.

Not every transaction requires the same level of verification. For online retail purchases, the seller only needs to confirm the user's credit or debit card is valid. In contrast, financial institutions need confirmation that persons are who they purport to be.

"Passive" or "covert" methods of authentification include generic information about a user's device or location. Higher risk transactions can be authenticated by a user's interaction with a device - saying a phrase, a fingerprint,  a facial match. Behavioral biometrics - a user's scrolling speed and patterns, finger size, keyboard typing - can provide background authentification without further input, and build a user profile to personalize services and products.

Businesses should be aware of and adapt these new technologies to reduce identity theft and improve customer service.