Ahh passwords, you’ve seen better days.
Many fondly recall entering in their anniversary date, dog’s name, or “password” for banking, email, health plans and so much more. But as the years went on, it became cumbersome. The dog died, perhaps the relationship too, and legions forgot their “password”. Then came answering a skill testing question, or phoning into a customer service center somewhere to prove you are who you claim to be.
But before we can truly bid adieu to passwords, the masses have to be convinced there is a better alternative.
There is, James Stickland believes. Mr. Stickland is the CEO of Veridium, an end-to-end, multifactor biometric authentication solution for the enterprise.
Having worked for large companies, Mr. Stickland knows that not only are passwords annoying to remember, they are expensive when forgotten. In one example, a firm regularly spent between $5 million and $6.5 million each year to reset passwords, a total which does not include lost productivity. It can cost companies $1,800 per person each year just to set passwords.
“Passwords are inefficient and highly complicated,” Mr. Stickland said. “They are driving people to the point of distraction and forgetfulness.”
That got worse as online crime increased and forced people to create more complex passwords, which they had to write down to remember…
“The challenge then becomes how to create a simplistic environment where passwords and user IDs can be simplified,” Mr. Stickland explained.
The answer is a multifactor biometric authentication process blended with a seamless user experience, Mr. Stickland said. Veridium has patented a unique process that gives the enterprise some choice.
“We’ve chosen a platform type mentality,” Mr. Stickland said. “It is a rules based decision as opposed to (complete) integration.”
Such flexibility accommodates companies of different sizes, budgets and risk tolerances, he added.
One issue some people have with biometrics is they see it as tomorrow’s solution for today’s problem, Mr. Stickland said. But that is changing as the world becomes increasingly comfortable with digital technology. Most mobiles have high resolution cameras and people sure use them, so that smooths the path for facial recognition.
Ditto fingerprint scans, Mr. Stickland said. Take pictures of your fingers at different distances and you can create three-dimensional images of those fingerprints.
Biometrics should endure as a security option for several reasons, Mr. Stickland said. Iris scans, for example, are incredibly unique to the individual. Combine that with the picture quality and popularity of your mobile device and you have an easy and secure option which requires nothing to remember. Iris scanning capability is still in its infancy too.
Individual fears should lessen over time but institutions have legitimate concerns, Mr. Stickland said.
“It’s a challenging issue for financial institutions. My challenge at HSBC was we wanted to consume biometrics but didn’t want to become custodians of biometrics.
“In the financial industry, it’s hard enough for banks to be the custodian of your money and your personal data, let alone adding the risk of guarding your biometrics to that list,” Mr. Stickland wrote in a recent blog post. “Moreover, end users are equally as concerned about giving up control of so much of themselves to an institution. Imagine a bank is breached and now they hold your money, your detailed activity and your biometrics. Sure, you can change your password and insurance will cover funds returned (to a specific value), but you can’t reset your fingerprints – once that data is stolen, they’re gone.
“VeridiumID is a breach-proof storage architecture that uses visual cryptography to split highly secure biometric data into two separate vectors. One is stored on the mobile device and the other on the server for maximum security – alleviating the burden on the enterprise.”