Is it time to ditch password-based authentication in favour of your customers?
Over the last 40+ years of information security, the world has relied on one common security system: passwords. Password-based authentication has for a long time been the standard way of managing user access.
But as the cyber security industry changes and develops, we are learning more about the risks and frustrations associated with passwords. This has paved the way for innovative methods to make Customer Identity Access Management (CIAM) more secure and streamlined.
The impact of passwords on your customers
Password-based authentication might be negatively affecting your business.
Bold statement, yes, but the use of passwords can frustrate customers who can’t successfully log in, or purchase online, simply because they can’t remember their password, or the authentication process bothers them so much they give up. In fact, some reports show that up to 55% of customers have stopped using a website due to the complicated login process.
Let’s face it; we’ve all experienced “password rage” (is that a real condition?!). Where we mutter under breath (or loudly) words of frustration when we are trying to log in to an account, but can’t remember a password, so we need to reset but run out of time, get logged out, or simply cannot fathom the sign-up process in the first place.
But personal frustrations aren’t the only issue here.
The impact of passwords on your business
As well as affecting your customers, the use of passwords can also prove a security risk because passwords are easy to hack, leaving you and your customers vulnerable to a breach. Many people admit to reusing the same password multiple times across different accounts. This means that if their password is shared just once, or a site they use that common password in is breached, the likelihood of someone abusing one or more of their accounts is high.
You could also be wasting precious resources. IT support and security teams within SMBs spend an average of 4 hours per week on password management-related issues, which sounds like a huge loss of time if you ask us!
Moving forward, businesses are embracing passwordless authentication methods and focusing on CIAM to provide a more secure and reliable way of authenticating users.
According to a FIDO Alliance: Authentication Attitudes, Usage & FIDO Brand Research Report, consumers are waking up to the advantages of customer identity as a way of bringing in passwordless authentication.
For example, 73% believe that device biometrics are easier to use, 77% believe that device biometrics are quicker to use, and 58% believe retailers offering on-device authentication care more about their customer experience
The Mastercard “Biometrics report also showed that 93% of consumers prefer biometrics to passwords, 83% believe biometrics more secure, while 92% find them more convenient.
These findings are not surprising when you also find that consumers have up to 90 online accounts, 25% forget at least 1 password per day, and 1/3 of online transactions are abandoned at checkout due to forgotten passwords.
An introduction to Customer Identity Access Management
Businesses use CIAM solutions to identify a customer and grant access to their online applications and services. Allowing customers to sign up and manage their account profiles easily. Rather than asking someone to remember a password, you might offer a ‘single sign-on’ system (SSO) that allows users to log in to one application and automatically be logged into a set of other applications. This is commonly seen with Google G Suite, where logging into your Gmail means you’re automatically logged into YouTube, Google Drive, and other Google platforms.
Or you might use a more secure authentication process such as multi-factor authentication which demands an extra credential for users to prove their identity. For example, a One-Time-PIN (OTP).
There is also increasing use of biometric credentials like fingerprints or face recognition apps, that not only have actual security benefits over OTPs, but are also much more convenient to use.
Benefits of Customer Identity Access Management
CIAM provides solutions to many of the frustrating issues that passwords bring, while also showing your customers that you care about their user experience.
From a business point of view, CIAM solutions offer several benefits:
A beneficial way to use data because all the transactions are logged
increased security for data and accounts – because you can track each customer’s use and login habits for risk-based authentication, potentially fraudulent activities can be detected easily
Easily comply with privacy regulations and data protection laws
Time and money saved on password management-related issues, with increased opportunity to leverage passwordless biometry, commonly equipped on modern smart devices that customers themselves own and use.
Innovative methods to scale up as and when needed
For the consumer, CIAM offers a better experience which in turn helps your business. Users can enjoy huge benefits:
Simple and quick sign in or sign up
Easier online experience when making online purchases
Consistent customer experience across channels
Reassurance their data is protected from fraud, breaches, and privacy violations
Our new partnership with Transmit Security
At The Missing Link, we partner with the best and most disruptive vendors in the industry to provide the best CIAM solutions and customer experience. We have multiple partners in the CIAM space and one of the most recent additions to our CIAM arsenal is Transmit Security an exciting new approach to app less multichannel biometrics for a truly seamless customer experience.
Here’s what our CISO, Aaron Bailey, had to say about our new partnership, “We have been providing strategic cyber security advice to our clients for many years, and passwords and authentication constantly come up. Whether it’s security awareness training on strengthening passwords, password managers or it’s related to our Red Team going straight for the centralised directory and highest privileges to move laterally in an environment. I am personally excited by the concept of a true ‘passwordless’ future Internet experience. It’s about time that we moved away from this decades-old approach to authenticating users, and I’m excited by being an early-adopting partner with Transmit Security in the region.”
When asked for comment about this new partnership, Richard Metcalfe, Vice President, Asia Pacific & Japan had this to say: “We’re delighted to be working with The Missing Link as our first Australian partner. Aaron and the team bring an enviable level of security focused expertise to the partnership. They immediately understood the business benefits that a true passwordless solution would bring to their customers’ consumers. It’s clear from our meetings that improving customer experience by removing passwords is a high priority. Furthermore, minimising the risk of fraud by significantly reducing incidents of account takeover and providing better customer insights will deliver genuine opportunities for revenue growth.”
Essentially, customer identity needs to be at the forefront of customer experience and security plans as users demand a better way. If you’d like to see how a CIAM solution can work for your business, contact one of our CIAM experts.