06 January, 2014
category: Biometrics, Digital ID
By Phil Scarfo, Senior Vice President of Worldwide Sales and Marketing, Lumidigm
It’s hard to believe that in this digital day and age we continue to rely on the decades-old authentication method of usernames and passwords. It was bad enough when we had but a few simple combinations, but now the vast majority of us have dozens of complex and hard to remember combinations.
Passwords were initially designed in the 1960s to authorize on-site users in fixed and secure locations. Access was limited to dumb terminals that had dedicated, fixed-wire connections to a corporate mainframe.
When passwords were first introduced to the world, the total combined worldwide computational horsepower was less than that available in just one of today’s smart phones.
Today, more people have mobile access than have safe drinking water and electricity. Mobile commerce will reach $3.2 trillion by 2017. Online banking is expected to reach 894 million people by 2015. And Google’s online ad revenue alone surpasses the entire US print industry.
The world has changed, quite dramatically. Why, then, do we continue to rely on authentication methods that are neither secure nor convenient?
In the tug-of-war between security and convenience, convenience has generally won. In a dramatic example, the passcodes needed to launch U.S. nuclear missiles during the Cold War were set to 00000000 to ensure that no time-consuming mistakes were made while keying in the code.
For more ordinary situations, passwords were arguably not the most secure option, but at least they were convenient and certainly easier to deploy for most organizations. There were no real heavy-duty enrollment processes or technology barriers. If you wanted to add a veil of security you simply provided a username and password combination and off you went.
So the key question is not, “Is the password obsolete?” The more important question is, “What will it take to provide the level of convenience, security and privacy that is needed to displace passwords?”
With more than 1 billion people today with broadband access – up from only about 38 million in 1999 – we are at a tipping point. Secure apps on a smart device coupled with a biometric can provide all the authentication technology needed for the next generation or more.
This is not to say that the biometric employed must be an integral part of the device. This is certainly one option. But with secure credentials being stored and securely transmitted over NFC, Bluetooth or other means in a smart device, the conditions are there for a very convenient and secure “smart digital key.”
Coupling this “smart digital key” with a “smart digital lock,” whether a banking ATM with a biometric, a kiosk or online service, could finally provide the means to deliver a “no compromise” solution that people demand and expect today.
After all, what we need is security. What we want is convenience. Some with an eye to the future realize that convenient security sells. It’s a win-win for business and ultimately the long-overdue death of the password.
About the AVISIAN Publishing Expert Panel
At the close of each year, AVISIAN Publishing’s editorial team selects a group of key leaders from various sectors of the ID technology market to serve as Expert Panelists. Each individual is asked to share his or her unique insight into what lies ahead. During the month of January, these panelist’s predictions are published at SecureIDNews.