Biometrics and behaviour-based authentication are on the rise
Knowledge-based identification may be the preferred way to authenticate online, but for how long, as biometrics and behaviour methods gain favour?
- A recent online survey from Callsign may suggest our relationships with passwords and other knowledge-based ways to identify ourselves online are shifting, as less than half of those polled in both the United Kingdom (45%) and United States (44%) prefer using passwords and memorable information to access an online account
- Biometrics identification is a close second, with 32% of adults in the UK and 27% in the US preferring this method
- Behavioural identification, where a person’s typing rhythm, screen swipes or mouse movement is used, is a relatively nascent form of digital identification, yet US respondents are twice as likely to prefer this method over their UK counterparts – 6% and 3%, respectively
LONDON, August 28, 2018 – Passwords can be the bane of frustration for anyone creating or accessing accounts online. And a recent online survey conducted by Callsign, a London-based company with the mission to seamlessly validate an individual’s identification for every web, mobile and physical interaction, suggests our relationship with passwords to identify ourselves online is shifting.
It’s shocking to consider single-factor authentication is even in use today, given that poor password habits and stronger computing power has led to an increase in hacking-related breaches involving either stolen or weak passwords. Therefore, it’s reassuring that the Callsign survey showed a knowledge-based approach, such as passwords, for accessing online accounts is favoured by less than half of UK and US respondents (45% on both sides of the Atlantic).
Over the last few years, increased availability of biometric tools on laptops, tablets and smartphones has given consumers a taste for biometric identification, and in the survey 30% noted a preference for sharing and storing biometric information (32% in the UK and 27% in the US) for identification when accessing an online account or making a purchase. Still, it is clear there is still a long way to go in shifting consumer attitudes away from solely relying on passwords. Biometric information as well as behavioural biometric data – such as the way a user swipes their screen or their unique keystroke pattern when entering their password – need to become the norm, so companies can more intelligently identify anomalies and apply additional layers of security.
With employees frequently cited as the weakest link in corporate cybersecurity enforcement, it is no surprise that traditional passwords are preferred at work, where people’s reluctance to embrace more innovative methods of identification over a presumed ease of access is commonplace. Knowledge-based identification was the most favoured by 56% of workers (58% in the UK and 51% in the US), while biometric methods were preferred by a mere 15% of workers.
“The study suggests we’re at a tipping point where our reliance on simple passwords is on a steady downward turn. Although two-factor and multi-factor authentication, along with biometrics, are an improvement, they are still flawed,” said Callsign CEO Zia Hayat. “Ultimately, we understand the privacy of users is paramount. Companies need to offer choice and control when it comes to the data that is collected and the identification methods used – another reason multi-factor identification is so limited.”
“However, there is a new realm of behavioral identification that is truly revolutionising and streamlining identification and improving customer experiences, all whilst minimising fraud. Here at Callsign, we’re creating a much more positive experience with greater protection and better privacy for the consumer or worker” Hayat concluded.
Other insights from this survey include:
Despite the high preference for knowledge-based identifiers at work (58% in the UK and 51% in the US), they are less favourable for personal use, where 46% noted they were preferred when logging in to check an account balance and 44% chose it for making a purchase or a balance transfer
The UK tends to be more receptive to biometrics compared to the US, with 32% to 27%, respectively, noting they’d prefer it overall
In the US, age is a significant factor as Baby Boomers (55+) are more receptive to passwords (46%) and biometric identifiers (31%) than younger respondents (aged 18-24), with 39% preferring passwords and 26% preferring biometric identifiers. Younger respondents (those 18 to 24) were more receptive to behavioural identifiers (12%) compared to those aged 55+ (4%)
Callsign commissioned YouGov Plc to conduct the survey. All figures, unless otherwise stated, are from YouGov Plc. Total sample size was 2,131 adults in the UK and 1,160 adults in the US. Fieldwork was undertaken in August 2018. The survey was carried out online. The figures have been weighted and are representative of all UK and US adults (aged 18+).