Password Based Authentication Belongs in the Past
Password based authentication does not actually verify who is on the other end of the digital connection. This leads to anonymous users hiding behind compromised credentials which represent the weakest link in cybersecurity.
This is what I discussed in my webinar with Anuj Gupta (Managing Director of Hitachi Systems India), Srikanth Appana (Executive VP of Technology at Bharat Financial Inclusion Ltd.), Susheel Walia (Deputy CISO of Advance Auto Parts India), Jagdish Kumar (Sr. VP IT and Technology Services at Cigniti Technologies), and Amit Kumar Rustagi (VP & Head of IT at Aragen Life Sciences).
We will discuss how organizations can transition from weak, password based authentication solutions to strong next generation, identity based multi factor authentication.
It’s no secret that password based authentication is risky. This is proven in a stream of recent breaches, and countless others before, including the Aramco data leak, Microsoft espionage attack, Colonial Pipeline attack, and SolarWinds attack. In India alone, there were a whopping 1.6 million data breaches reported in 2020.
Overall, the business impact of these breaches has been devastating, with the average ransomware payment reaching almost $1.5 million and the average cost of business interruption from ransomware topping $5 million.
Security leaders have tried to patch the holes in broken password based systems by layering on two-factor authentication (2FA) and even multi-factor authentication (MFA). These methods like one-time codes sent via email complicate the user experience and still start with usernames and passwords. Unfortunately, this does not solve the fundamental problem with passwords because you still don’t know who is accessing your network.
The unsettling truth with passwords 2FA and most forms of MFA: we are running on hope … hope that passwords are confidential and the people using them are who they claim to be.
How Does Biometric Identity Based MFA Solve The Fundamental Problem With Passwords?
Bringing identity into your security architecture ensures that you know that the people who are accessing your networks are who they claim to be, always. What does this look like in practice?
To implement identity based MFA, users would need to verify their identity using government, telco, and banking credentials. Then, once verified, workers, partners and customers would use their digital identity to be recognized at login or transaction approval, providing them ease of use and organizations a high level of identity assurance for who is at the other end of the digital connection.
Adding identity in this way as a key pillar to network security helps CISOs regain control of their IT services from anonymous users hiding behind compromised logins. With identity based authentication organizations will no longer be held hostage to data breach, ransomware, and financial fraud perpetrated via identity deception.
Are you interested in learning more? In this webinar, we dig much deeper to explore the Identity Based Authentication powered by 1Kosmos proprietary next-gen biometric technology to provide stronger verification, authentication, and an intuitive user experience for your employees and customers.