Passwords may be headed toward obsolescence. This is a potential paradigm shift in the way people access smartphones, personal computers, websites and many other password-protected technologies.
Why is it happening?
One reason is the intensifying consumer dissatisfaction with passwords.
People are becoming less comfortable that the sensitive personal data they share with companies – such as health records, credit card numbers and financial information – remains secure. They believe passwords used to access that data are becoming more vulnerable to hackers, and are more frustrated with the multitude of passwords they need to store, organize and remember.
What has heightened users concerns is a market phenomenon called the “Internet of Things.” This market focuses on connecting more devices than ever to each other that generate, store and share unprecedented amounts of sensitive personal information. More data on more devices requires more passwords – all of which creates more security risks.
Password alternatives
This anti-password sentiment emerges from Accenture’s Digital Consumer Survey. The poll – 24,000 consumers in 24 countries – reveals that 60% of consumers think passwords are cumbersome, while more than three-fourths (77%) are interested in using alternatives to protect their Internet security. Fewer than half (46%) feel confident in the security of their personal data.
Globally, openness to alternatives has become pervasive in countries in diverse locations. Consumers in China and India are the most likely to consider alternatives at 92% and 84%, respectively. More than three quarters (78%) in Brazil, Mexico and Sweden, and 74% in the United States, said they will consider security methods besides passwords.
Alternatives
There will likely be a decline in password use during the next few years as alternative methods such as biometrics and device authentication supplement or replace them. Biometrics include fingerprint scanners, palm prints, eye irises, finger veins and face recognition. Applications range from traditional law enforcement fingerprinting identification to border-control products to recent growth in banking and payments.
Authentication ascertains whether a technology user is the person they claim to be, but how do these technologies work?
Two-factor authentication
Two-factor authentication requires that a person possess two elements. One is a password and the second is something else in their possession, such as a biometric fingerprint or physical token. By increasing the number of attributes to prove authentication, hacking into accounts is more difficult
Device encryption
Device encryption protects the device’s data from being hacked. For example, using a smartphone encryption technology locks the user’s personal identification number during boot up. With the handset protected for encryption, the user receives a prompt to enter the PIN.
As boot up continues, the device functions normally as encryption/decryption remains on-demand and transparent for the smartphone user.
Authenticators
An authenticator verifies the user is the person he or she claims to be. In four different ways the technology confirms this:
· By information the person knows such as a password or PIN;
· By a device the user has such as a security token or smart card;
· By a physical characteristic such as a fingerprint; and
· By the way the user types, walks or holds their smartphone.
Final thoughts
With the unprecedented and unstoppable proliferation of devices, data and connectivity, the paradigm shift away from passwords is well underway and accelerating. People want more privacy and security than passwords can provide. Alternatives to passwords will continue to coalesce and be more widely used in our digital universe.
Sami Luukkonen is the global managing director for Accenture’s electronics and high-tech group. He can be reached at [email protected].
Editor’s Note: The RCR Wireless News Reality Check section is where C-level executives and advisory firms from across the mobile industry share unique insights and experiences.
