A number of different terms apply to this use case, such as User Access Management (UAM), Identity and Access Management (IAM), Privileged Access Management (PAM) or Customer Identity and Access Management (CIAM). At PXL Vision, the trailblazers we are, we call it Account Access Management because that is precisely what is being accomplished with this use case. Indeed, this is one of the premier use cases of our product – simplifying access to user accounts.
As the oft used saying goes, at least in literary circles, “a rose by any other name would smell just as sweet" implying that the names of things do not affect what they really are. At PXL Vision, Account Access Management, and all of the other names it goes by is about adding a layer of trust to the online world in order to keep people safe and secure.
The growing complexity of our digital interactions has added immeasurable value in the form of convenience to our everyday lives. However, this trend has also invited numerous security threats into our lives. Hackers and other bad actors that are able to gain access to your online accounts can steal your identity, transfer funds out of your accounts or change important details to your information that negatively impact you.
The first and usually only line of defence that most people use to protect their online accounts is the traditional username and password combo. This is no longer sufficient especially for the multitudes who recycle and reuse passwords and use them on more than one account. Data hacks/leaks, SIM swaps, recycled usernames/passwords, the list goes on, have amounted to a massive security threat to our online existence.
The inventor of the modern-day computer password, Fernando Corbató, acknowledged a few years before passing away that the legacy security procedure of passwords had become a nightmare. In a 2014 interview with The Wall Street Journal, then 87-year-old Corbató said passwords don’t offer "a super-high level" of security anymore and that a better solution was needed.
One solution is two factor authentication (2FA). While better than the traditional username and password combo, it simply doesn’t go far enough in protecting us. SIM swaps or stolen devices can be used to gain access to online services that are protected in this way. Worse yet, 2FA can provide a false sense of security in that it is considered secure and that people are less likely to question a malicious individual that has passed through the 2FA requirements.
What about doing away with passwords altogether then?
There are a number of benefits that a business gains by removing the password obligation to access their online goods and/or services. The most important is the reduction of costs. It is becoming exceedingly more difficult to enforce proper password etiquette. A regular PC is able to crack a complex 8-character password in about 9 hours. This means that evermore complex passwords are being requested by providers. You know the drill: Create a password, use both upper- and lower-case letters, some numbers, at least one special character (Oh! How many minutes are wasted when searching for those special characters on a new device).
The amount of time and money spent when customers have to call a call center for a password reset or run through the password reset gamut. What was the name of the street that you grew up on again? Did you spell it right last time? Did you remember the street name correctly? Some reports have indicated that large organizations spend 100-200 dollars per employee, per year on password related issues alone.
If cost reduction is not a good enough argument, what about improved security? It turns out that passwordless methods are more secure too. A passwordless method cannot be phished or cracked because there is no password to begin with! Passwordless login is much simpler than using passwords and this in turn can strengthen authentication policies at your organization. No more trying to figure out how to deliver passwords to new users or chastising your employees for writing their password on a sticky note stuck to their monitor.
A final benefit to going passwordless is for an improved user experience. Entering in passwords is a waste of time. Fortunately, most internet browsers autofill the password fields (which is in itself a security risk) but it still becomes an issue if the password is inadvertently erased or deleted from the system or changed and not properly updated. Remedying these situations wastes time and takes attention away from other more important business activities.
Immediate benefits of going passwordless
- Reduction of costs – No more enforcement of complex passwords and valuable resources spent on password reset protocols.
- Improved security – No more stolen, cracked, or phished passwords. A simplified login/authentication process for users/employees alike.
- Improved user experience – An improved user experience and no more lost time on archaic login processes.
Biometric authentication is finally here
Recall some of the best, dare I say coolest, sci-fi movies that you have ever seen. Biometric authentication is usually somewhere in the plot. Fans of Star Trek or Trekkies will remember the use of voice ID, retina scans, basic vitals and facial recognition playing a role. And of course there is 2001: A Space Odyssey, which made strong use of voice ID and facial recognition. Blade Runner, Robocop, Demolition Man, all classics of the 80s and 90s featuring some aspect of biometrics.
Biometric authentication is a thing of science-fiction no more. It is non-fiction, aka. the real deal. The best authentication technologies are based on biometrics; namely, facial recognition and that means no more passwords. Your face is unique to you, and it can be used to authenticate yourself across any number of devices. The best example is your smartphone, given the onboard camera and feasibility of downloading an app from a company that uses biometric authentication technology.
How can facial authentication technology help with information security?
Facial authentication technology uses face scans in order to add an extra level of protection to your login process. Facial authentication technology offers a superior level of account protection especially when combined with a username/password combo. This username/password combo could be something easy to remember, given that hackers would have to have access to both it and your face at the same time.
After the user has been verified using their username and password, the user’s face can then be used for further account authentication. A face scan can be used as a second factor and incorporates sophisticated algorithms that can pick out the slightest abnormalities and either grant or reject access to the user.