Why passwords will never be replaced by our bodies

A combination of strong password authentication and biometrics is the potential way forward for a low-cost, simple and secure digital customer journey. Story by Simon Cadbury.

Why passwords will never be replaced by our bodies

When it comes to computing, passwords have been with us since the very beginning. The very first logins were set up as part of MIT’s Computer Time Sharing System in 1960, and as computing hit the mainstream, passwords became an established part of our lives.

However, the beloved password isn’t without its flaws, and as technology becomes more advanced, its problems are becoming increasingly evident. Worryingly, Verizon’s 2016 Data Breach Investigations Report (now updated) found that 63% of confirmed data breaches involved weak, default or stolen passwords, and that breaches were typically exacerbated by consumers opting to reuse passwords, or share them with family and friends. Given that the most commonly used password is ‘123456’, most dono’t present much of a challenge to savvy phishing and hacking attacks.

Enter biometrics. For a long time, biometric authentication – identity verification based on measurable biological traits – has been considered the technology most likely to supplant passwords. Directly addressing the weaknesses of passwords, biometric measures are secure, they don’t tax your memory or rely on your ability to keep them secret, and you can’t lose, forget or share them. Many banks have already begun to implement biometric security procedures, with consumers now using all types of digital banking technology, including HSBC’s voice recognition system, Mastercard’s selfie payment technology, and Barclays’ finger vein authentication technology.

Nonetheless, as with passwords, there are challenges. For a start, implementing biometric security measures can be costly and complex – a significant hindrance to any business. Additionally, most biometrics are not black and white: When we enter a password, it’s either right or wrong, with no margin for error. Biometrics, on the other hand, say how likely it is that somebody is who they claim to be and need to be tuned.

Finally, and most importantly, biometrics cannot be reset. Once a security breach has occurred, there’s no turning back. People can’t change their tone of voice or their fingerprints, and we’ve already seen security measures hacked with very little effort.

Behavioural measures

A lot of work is being done to try to make biometrics more affordable and less susceptible to breaches. One potential option is through exploring behavioural measures that, unlike physical attributes, can be reset. Moreover, two-factor authentication (2FA) systems offer another alternative. By combining a password and something you ‘have’, such as a mobile device, you can create a robust process that could extend the life of password authentication into the foreseeable future. And, while it lacks the convenience of the traditional method, it’s a step in the right direction in providing a highly secure, easy to use and resettable process.

Ultimately, it’s becoming clear that current password processes aren’t working well enough or doing what they’re designed to do, which is protect us. They need to be improved. By combining stronger password authentication with efficient monitoring of unusual behaviour, and with the added security of biometrics through financial services technology, consumers can continue to enjoy the considerable advantages of a low-cost, simple and secure digital customer journey.

Find out more about our digital solutions

Subscribe to our newsletter

Top stories -

News Opinion -

What does CP20/1 Single Easy Access Rate Regulation mean for...

“Competition is not working well for many of the 40 million people who hold easy access savings accounts. Our...

Read more
News Opinion -

Can you avoid becoming another banking zombie?

Back in 2013, our digital banking solutions expert Kevin Phillips wrote a blog on Zombie Banking which you can read...

Read more
Debt Collections Technology -

How can a digital channel support customers with an...

Digital banking is now evolving to cater customers in debt. Banks are gradually awakening to realise that the digital...

Read more