Over the last 40+ years of information security, the world has relied on one common security system: passwords. Password-based authentication has for a long time been the standard way of managing user access.

But as the cyber security industry changes and develops, we are learning more about the risks and frustrations associated with passwords. This has paved the way for innovative methods to make Customer Identity Access Management (CIAM) more secure and streamlined.

The impact of passwords on your customers

Password-based authentication might be negatively affecting your business.

Bold statement, yes, but the use of passwords can frustrate customers who can't successfully log in, or purchase online, simply because they can't remember their password, or the authentication process bothers them so much they give up. In fact, some reports show that up to 55% of customers have stopped using a website due to the complicated login process.

Let's face it; we've all experienced "password rage" (is that a real condition?!). Where we mutter under breath (or loudly) words of frustration when we are trying to log in to an account, but can't remember a password, so we need to reset but run out of time, get logged out, or simply cannot fathom the sign-up process in the first place.

But personal frustrations aren't the only issue here.

The impact of passwords on your business

As well as affecting your customers, the use of passwords can also prove a security risk because passwords are easy to hack, leaving you and your customers vulnerable to a breach. Compromised passwords are usually the result of weak passwords or reusing the same password multiple times across different accounts. This means that if their password is shared just once, or a site they use that common password in is breached, the likelihood of someone abusing one or more of their accounts is high.

You could also be wasting precious resources. IT support and security teams within SMBs spend an average of 4 hours per week on password management-related issues (including forgotten passwords and password reset), which sounds like a huge loss of time if you ask us! This is often a result of complex passwords to achieve strong authentication without the use of a password manager.

Moving forward, businesses are embracing passwordless authentication methods and focusing on CIAM to provide a more secure and reliable way of authenticating users.

According to a FIDO Alliance: Authentication Attitudes, Usage & FIDO Brand Research Report, consumers are waking up to the advantages of customer identity as a way of bringing in passwordless methods.

For example, 73% believe that device biometrics are easier to use, 77% believe that device biometrics are quicker to use, and 58% believe retailers offering on-device authentication care more about their customer experience

The Mastercard "Biometrics report also showed that 93% of consumers prefer biometrics to passwords, 83% believe biometrics more secure, while 92% find them more convenient.

These findings are not surprising when you also find that consumers have up to 90 online accounts, 25% forget at least 1 password per day, and 1/3 of online transactions are abandoned at checkout due to forgotten passwords.

An introduction to Customer Identity Access Management

Businesses use CIAM solutions to identify a customer and grant access to their online applications and services. Allowing customers to sign up and manage their account profiles easily. Rather than asking someone to remember a password, you might offer a 'single sign-on' system (SSO) that allows users to log in to one application and automatically be logged into a set of other applications. This is commonly seen with Google G Suite, where logging into your Gmail means you're automatically logged into YouTube, Google Drive, and other Google platforms.

Or you might use a more secure authentication process such as multifactor authentication which demands an extra credential for users to prove their identity. For example, a One-Time-PIN (OTP) from an authenticator app.

There is also increasing use of biometric authentication credentials like fingerprint or facial recognition apps, that not only have actual security benefits over one-time passwords and multi factor authentication, but are also much more convenient to use.

Benefits of Customer Identity Access Management

CIAM provides solutions to many of the frustrating issues that passwords bring, while also showing your customers that you care about their user experience.

From a business point of view, passwordless login CIAM solutions offer several benefits:

  • A beneficial way to use data because all the transactions are logged
  • increased security for data and accounts - because you can track each customer's use and login habits for risk-based authentication factor, potentially fraudulent activities can be detected easily (including credential stuffing)
  • Easily comply with privacy regulations and data protection laws
  • Time and money saved on password management-related issues (including forgotten passwords), with increased opportunity to leverage passwordless biometry, commonly equipped on modern smart devices that customers themselves own and use.
  • Innovative and adaptive authentication methods to scale up as and when needed

For the consumer, CIAM offers a better experience which in turn helps your business. Users can enjoy huge benefits:

  • Simple and quick sign in or sign up
  • Easier online experience when making online purchases
  • Consistent customer experience across channels
  • Reassurance their data is protected from fraud, breaches, and privacy violations

Our new partnership with Transmit Security

At The Missing Link, we partner with the best and most disruptive vendors in the industry to provide the best CIAM solutions and customer experience. We work with multiple identity providers in the CIAM space and one of the most recent additions to our CIAM arsenal is Transmit Security an exciting new approach to app less multichannel biometrics (i.e. facial recognition) for a truly seamless digital identity experience.

Here's what our CISO, Aaron Bailey , had to say about our new partnership, " We have been providing strategic cyber security advice to our clients for many years, and passwords and authentication constantly come up. Whether it's security awareness training on strengthening passwords, password managers or it's related to our Red Team going straight for the centralised directory and highest privileges to move laterally in an environment. I am personally excited by the concept of a true passwordless future Internet experience. It's about time that we moved away from this decades-old approach to authenticating users, and I'm excited by being an early-adopting partner with Transmit Security in the region. "

When asked for comment about this new partnership, Richard Metcalfe , Vice President, Asia Pacific & Japan had this to say: " We're delighted to be working with The Missing Link as our first Australian partner. Aaron and the team bring an enviable level of security-focused expertise to the partnership. They immediately understood the business benefits that a true passwordless authentication solution would bring to their customers' consumers. It's clear from our meetings that improving customer experience by removing passwords is a high priority. Furthermore, minimising the risk of fraud by significantly reducing incidents of account takeover and providing better customer insights will deliver genuine opportunities for revenue growth. "

Essentially, customer identity needs to be at the forefront of customer experience and security plans as users demand a better way. If you'd like to see how a passwordless solution can work for your business, contact one of our CIAM experts.

 

If you liked this article, you may also like:

Privileged access in the new world

Authentication leaps forward with passwordless

What do you do after a data breach

Author