Security

Biometrics and one-time passwords gaining traction among consumers

by Ericka Chickowski, DarkReading, December 2, 2010

Improved technology, growing familiarity making alternative authentication more palatable to consumers

A new report released by Javelin Research showed while consumers still strongly prefer knowledge-based authentication methods for online banking and other sensitive applications, alternative factors, such as biometrics and one-time-passwords, are currying favor.

Based on a survey conducted across nearly 2,000 U.S.-based consumers, the 2010 Authentication Report showed for online banking, 64 percent of consumer perceived that challenge-response questions were effective, compared to 58 percent who believed biometrics to be effective and 42 percent who thought one-time passwords worked well.

"This year we continue to find knowledge-based questions and challenge-response to still be the No.1 method that is familiar with consumers and perceived to be effective by them," says Robert Vamosi, an analyst for Javelin and the author of the report, which came out last week. "But this year, what was surprising was that one-time passwords and biometrics were starting to make a move on No. 1 and were performing better than we've seen in previous years."

Vamosi says this is partially attributed to improving technology and partially to growing familiarity with these alternative means of authenticating users.

"It starts in an enterprise environment and it moves into the home," Vamosi says of people's familiarity with authentication technologies. "If you go into your office and the IT department has imposed this new means of getting on the network and you become experienced with it, then suddenly at home you're presented with the same option to log into your bank account, you're going to say, 'I've seen this before, I'm familiar with it. I can work with this.'"

This familiarity aspect has particularly helped with biometrics, especially as technology has become more prevalent and increasingly built into business-grade equipment for the normal worker. "Biometrics have gone from something that you see in movies and don't really experience to something many have had hands-on experience with," Vamosi says. "Many laptops today have navigation pads that double as a biometric reader, and there's also facial recognition technologies in laptops with webcams. This is starting to come down to earth, and people are starting to see it in action and thinking it could be effective to authenticate them."

Year-over-year, biometrics has increased in perceived effectiveness among consumers by about seven percentage points, according to the report. Even better has been the jump in perceived effectiveness of one-time passwords, which shot up with consumers by 12 percentage points. Vamosi says technology improvements for better ease-of-use has been a big driver in consumers embracing one-time passwords.

"There's a lot of convenience coming out of the new technologies," Vamosi says. "A soft token can be generated in an application, it can be generated within a mobile phone, and the user doesn't necessarily have to key in the number from a separate keychain device."

Perhaps most interesting among the results, Vamosi says, is the dropping confidence in knowledge-based authentication. While it still remains the apple of consumers' eyes, there was a dip of about six percentage points in the overall vote of consumer confidence this year over last year.

"That could be the consumer's awareness of that technology being compromised," he says. "The most classic example was the Sarah Palin email attack a year or two ago. It has become clear to the consumer that the answer to those questions can be found on Facebook, or are easily guessable, so someone could potentially get into their bank account or email account."

About Author

Ericka Chickowski

Ericka Chickowski is an experienced business and technology journalist who specializes in coverage of IT security, regulatory compliance, business alignment, project management and IT employment.

In addition to her work for Dark Reading and InformationWeek, Chickowski’s perspectives on technology have appeared in a number of trade and consumer magazines, including CIO Insight, Baseline, Entrepreneur and Consumers Digest. She has covered the IT security industry extensively over the last six years, gaining particular insight and expertise while working as the West Coast bureau chief for SC Magazine. Chickowski graduated with a B.A. in English from the University of Washington and currently resides in San Diego. Readers may contact her at ericka@chickowski.com.

comments powered by Disqus

Subscribe for Newsletter

Stay connected to the best business technology content every week. Subscribe to our daily newsletter now!

Slide Shows

Upcoming Webcast

Turning the Tables on Cyber Attacks

Join Trend Micro for this upcoming webcast as it will delve deeper on the cause and effects of these responses against cyber attacks. The Speakers will tackle existing real-world developments showing how market forces, private companies, and law enforcement agencies react to the ever-changing threat landscape. They will also discuss how these trends will settle into the global and local market and how cybercriminals are likely to exploit them. Speakers: Macky Cruz, Security Focus Lead, TrendLabs, and Paul Oliveria, Security Focus Lead, TrendLabs. Date & Time: September 4, 2014, 3:00pm India Time