Biometric authentication, a security process that leverages an individual's biological characteristics to verify his or her identity, is becoming increasingly important to improve personal security on applications and devices, according to a study of 3,997 adults conducted by IBM Security.
Key takeaways from IBM's "Future of Identity Study" included:
- Biometrics are the future of cybersecurity, but many concerns persist. Sixty-seven percent of respondents are comfortable using biometrics, and 87 percent would consider using different types of biometric authentication in the future. However, 55 percent indicated privacy is their biggest biometrics concern, and 50 percent stated they are concerned about security.
- Most people prefer security over convenience. Seventy-four percent said they would be willing to use more than one password or way to authenticate for added security.
- Password best practices vary based on age. On average, 42 percent of Millennials (ages 20 to 36 years old) use complex passwords versus 49 percent among individuals 55+. In addition, 41 percent of Millennials reuse the same password multiple times versus 31 percent of individuals 55+.
- Younger generations are more likely than others to take action after a data breach. Millennials are more likely than others to use two-factor authentication (32 percent versus 28 percent of the general population) after a data breach and/or stop using an app or service (25 percent versus 21 percent of the general population) that was affected by a data breach.
- Cultural perspectives on cybersecurity vary. Seventy-nine percent of U.S. respondents were aware of data breaches in the past year versus 70 percent in the Asia-Pacific (APAC) region and 69 percent in the European Union (EU).
Organizations must develop strategic approaches to authentication to limit the risk of unauthorized user account access, IBM stated. Furthermore, organizations must analyze user preferences, habits and attitudes, IBM said, to manage risk and improve authentication.
How to Secure a Digital Identity
IBM Security offered the following recommendations to ensure MSSPs can help customers get ahead of the modern threat landscape:
- Use complex passwords. Passwords that contain at least eight characters combining letters, numbers and special characters are ideal. It also may be beneficial to use longer passwords that consist of several unrelated words tied together and include at least 20 characters; these passwords generally are tough to crack and easy to remember.
- Store passwords in a digital vault. Use a password manager to secure existing passwords and generate stronger passwords than ever before.
- Lie on security questions. Oftentimes, the answers to account security questions like a former address or a mother's maiden name can be found online. As such, it is important to select opinion-based security questions when possible or use fake answers that only an end user would know.
- Provide multiple security checkpoints. Help customers use emails, text messages, phone calls and other security checkpoints to add an extra login step and avoid a single point of failure.
- Leverage biometrics. Fingerprints, voice signatures and other forms of biometric authentication may help customers eliminate the need for passwords and secure end users' digital identities.
MSSPs will influence the adoption of new authentication methods, IBM stated. If MSSPs can provide a wide range of authentication options, they could help customers effectively safeguard their critical data.