As hackers step up their game, authentication has never been more important. In this Tech Express, Richard Lack explains the technology and what the future holds for the authentication space.
CBR: What is authentication?
RL: Authentication is the process or action of verifying an entity, a way of determining whether or not someone or something is what it is declaring to be. The authentication process relies on an entity inputting credentials that match up with those on an operating system or authentication server.
CBR: What is the difference between identification and authentication?
RL: Identification is the process or action of claiming to be an entity, authentication, however, is a process or action of verifying an entity. For example, by entering a username, you are claiming to be an entity (identification), by entering a password, you are verifying this entity (authentication).
CBR: What is the most secure form of authentication?
RL: While it sounds relatively sci-fi, biometrics are fully supported by Gigya, and are beginning to take hold as a preferred security method for accessing devices as well as apps, as they streamline the user experience and are more difficult to hack. Currently associated mostly with fingerprints and smartphones, new forms of bio-authentication are on the horizon, including facial, iris, voice and palm vein recognition.
An organisation’s customer authentication strategy should be driven by user experience, but that doesn’t mean security should take a backseat. The variety and scale of attacks and breaches is a key reason that businesses should offload rather than assume all risk for customer authentication. For example, best-of-breed, cloud-based authentication solutions maintain industry certifications such as ISO27001 and comply with regulations like Children’s Online Privacy Protection (COPPA) for data safety. By adhering to these standards and practices, a dedicated provider can ensure that personally identifiably information (PII) and other sensitive information is safe at all stages, and can also guarantee that companies remain in compliance with privacy and regional regulations.
CBR: What do you think the future holds for the authentication space?
RL: Traditional passwords are currently widely used as a method of authentication but are poised to become obsolete in the next 10 years, with our survey finding that 52 percent of consumers would choose to do away with usernames and passwords in favour of other forms of authentication. The security risk is a top factor driving consumers’ identity authentication preferences. Identity authentication is a critical point of differentiation because consumers increasingly expect businesses to maintain high levels of security and data privacy while delivering a superior customer experience, including convenience and personalisation.
Adopting the right authentication system can be the difference between enhancing customer engagement and sales, or turning visitors away to a competitor. By implementing a system that is both flexible and secure, organisations can ensure customers are given a frictionless, streamlined experience to access products and services, With the development of more flexible and advanced authentication technologies, it has never been more appropriate to use systems that make logging in effortless rather than a chore.
Your digital strategy should ensure that new technologies can be leveraged as they come online. It’s important to have a flexible authentication solution in place that can accommodate new trends in the marketplace, and respond to trends driving changes in authentication.