
Why should organizations adopt biometric & facial authentication, moving forward?

March 31, 2021


Most organizations switched to work from home hastily last year due to the mayhem caused by the Covid-19 pandemic, often leaving the doors open for malicious elements to come in and infect the corporate resources.

As work from home increased fivefold compared to pre-Covid days, cyberattacks surged by a whopping 260%. In most cases, the attacks were carried out by stealing user identities or by exploiting poor (or missing) user authentication mechanisms. Deloitte reports that the three-month span between February 2020 and May 2020 alone saw as many as 500,000 people affected by data breaches, while the US government reported a 3,000% increase in identity theft attempts due to the Covid situation.

This unprecedented surge in identity theft and authentication-related cyberattacks demands a new security approach, particularly in industries such as BFSI, Healthcare, Pharma and PSUs, which are heavily regulated and work with highly sensitive data. CTOs, CIOs and CISOs therefore need to take a fresh look at their organizations’ authentication mechanisms to guarantee uninterrupted business operations and strict regulatory compliance while keeping malicious forces at bay.

Passwords – Not secure enough anymore

Passwords are one of the most conventional mechanisms used to protect user identities. But passwords, by themselves, are no longer considered secure. In a “passwords-only” security model, access is granted based on “what you know”, and anyone who knows a user's password can gain corporate access. Password-based access therefore does not guarantee that the person who logged in is the real user. Identity theft and credential sharing are also increasing, rendering the “passwords-only” security model less effective by the day.

Multi-Factor Authentication – A well-improved alternative

Organizations are increasingly adopting Multi-factor Authentication (MFA) to overcome the limitations of “passwords-only” authentication for preventing unauthorized access.

As part of MFA, OTPs (sent through SMS or email) or push notifications add a second layer of authentication on top of conventional passwords, minimizing the chances of a security breach or identity theft. OTP- or push-notification-based authentication improves security by verifying “what one possesses” (phone, PC or laptop), along with “what one knows” (password).

Nevertheless, OTP-based MFA is still not foolproof. A user’s PC, laptop or phone might get compromised or stolen. Also, from a user-experience point of view, a delay in receiving OTPs or a mistyped OTP may result in suspension of access permissions.

While OTP-based MFA can be considered secure enough for those who are not working with critical data or sensitive information, it is certainly not the ideal authentication mechanism for those who work with valuable information and always remain connected to corporate networks.

Biometrics-based MFA – The best of both worlds

Biometrics-based authentication, such as facial verification or fingerprint verification, overcomes the limitations of typical OTP- or push-notification-based authentication by essentially providing authentication based on “who you are”. It ensures absolute certainty before granting or denying access, as hardly any tampering can be done to “who you are”. It also significantly improves user experience compared with OTP- or push-notification-based authentication, as users neither need to type in OTPs nor need to have any other device handy.

Continuous authentication – The way to go

Continuous biometric authentication – facial verification that keeps taking place on a rolling basis, once every preset time interval (say every 15 minutes), and locks out the user when the authentication fails – goes one step further in preventing unauthorized access and ensuring top-notch security. It is also capable of preventing shoulder surfing. Apart from the first authentication, which takes place when the user logs in, all subsequent facial verifications happen behind the scenes, leaving the user unaware of the periodic authentication process. Thus, continuous authentication systems provide best-in-class security while enriching user experience, when compared to conventional OTP-based MFA systems.
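
The rolling re-verification described above can be sketched as a small session state machine. This is an added example, not code from the original post or from any product; the class name, the verify_face hook and the sample timeline are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Tuple

REVERIFY_INTERVAL_S = 15 * 60  # the article's example: every 15 minutes


@dataclass
class ContinuousAuthSession:
    user: str
    # Hypothetical verifier hook: (user, timestamp) -> True if the face matches.
    verify_face: Callable[[str, float], bool]
    interval_s: int = REVERIFY_INTERVAL_S
    state: str = "logged_out"          # logged_out -> active -> locked
    last_verified: float = 0.0
    audit: List[Tuple[float, str]] = field(default_factory=list)

    def login(self, now: float) -> bool:
        """Foreground check at login; also the only way out of 'locked'."""
        ok = self.verify_face(self.user, now)
        self.audit.append((now, "login:ok" if ok else "login:fail"))
        if ok:
            self.state, self.last_verified = "active", now
        return ok

    def tick(self, now: float) -> str:
        """Background check; does nothing until the interval has elapsed."""
        if self.state == "active" and now - self.last_verified >= self.interval_s:
            if self.verify_face(self.user, now):
                self.last_verified = now
                self.audit.append((now, "recheck:ok"))
            else:
                self.state = "locked"
                self.audit.append((now, "recheck:fail"))
        return self.state

    def authorize(self, now: float) -> bool:
        """Gate for sensitive actions: runs an overdue check first (fail closed)."""
        return self.tick(now) == "active"


def simulate() -> ContinuousAuthSession:
    # Constructed scenario: the enrolled user sits at the camera until t=2000 s,
    # then someone else takes the seat. A timer fires every 60 s for one hour.
    session = ContinuousAuthSession("alice", lambda user, now: now < 2000)
    session.login(0)
    for t in range(60, 3600, 60):
        session.tick(t)
    return session
```

In the constructed run the lockout lands at t=2700 s, 700 s after the enrolled user left, so the re-check interval is the upper bound on how long an unverified person keeps access. Calling authorize before each sensitive action covers the case where the background timer did not fire, for example after the machine was suspended.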

This blog was first published on Accops Blog.



