3. Meeting customer expectations. If you are the last organisation left in your sector that doesn't offer two-factor authentication for high-value transactions, your customers will perceive your services as less secure.
Service providers that rapidly embrace new authentication methods, on the other hand, will be perceived as more innovative and secure. Customers may also want to bring their own authentication, for example a FIDO Alliance smart card or device, and be highly motivated to replace all their usernames and passwords.
These reasons are essentially business demand driven. But the process of embracing new authentication methods depends on the underlying security infrastructure. Unless your digital infrastructure has been built to accommodate changing authentication methods, it may be cumbersome and slow to implement them.
What we are seeing now with changing authentication methods is only the tip of the iceberg. Like everything else in the cyber security world, there is an arms race going on between the people who want to compromise systems and the people who want to protect them.
As the risk profile of any given authentication method changes -- generally for the worse -- it will eventually become unsuitable for certain transactions. This has already happened to usernames and passwords when it comes to high-value financial transactions.
As a result, new authentication methods are coming out continuously, and different authentication methods are supported by different devices. The iPhone supports Touch ID, a fingerprint identity sensor. Android phones, on the other hand, can identify their owners by scanning an image of their face.
Then there is the FIDO (Fast IDentity Online) Alliance, an organisation formed to address the lack of interoperability among authentication devices as well as the problems users face with creating and remembering multiple usernames and passwords.
Its new standard will allow any website or cloud application to interface with a variety of FIDO-enabled devices -- such as smartcards -- that the user has for online security.
As usernames and passwords give way to more secure authentication methods, the landscape will become increasingly fragmented. To keep pace, organisations need to think about building the appropriate infrastructure.
If your organisation hasn't yet evolved beyond usernames and passwords, there's a danger that your technical people will resist new authentication methods rather than enable them.
Usernames and passwords may be hardwired into back-end IT infrastructure such as business applications. There may be some work required to break down the dependencies that exist between your digital identities and the authentication of users.
Ideally, you want a pluggable authentication service that is agile and extensible. Then you will be in a position to adopt new authentication methods quickly and easily to address changes in risk or customer expectations.
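A minimal sketch of such a pluggable service, added here as an illustration and not taken from the article: applications ask for an assurance level per transaction, and methods are registered and re-rated behind that interface. All names (`AuthService`, `REQUIRED`, the `device_token` method, the sample customer and keys) are hypothetical and constructed for the example.

```python
import hashlib
import hmac

class AuthService:
    """Callers state a required assurance level, never a method name."""
    def __init__(self):
        self._verifiers, self._level = {}, {}
    def register(self, method, verifier, level):
        self._verifiers[method], self._level[method] = verifier, level

    def set_level(self, method, level):
        # Re-rate a method when its risk profile changes; callers are untouched.
        self._level[method] = level

    def methods_for(self, required):
        return sorted(m for m, lvl in self._level.items() if lvl >= required)

    def authenticate(self, identity, method, credential, required):
        verifier = self._verifiers.get(method)
        if verifier is None or self._level[method] < required:
            return False  # unknown method, or too weak for this transaction
        return verifier(identity, credential)

# Constructed sample data: one customer, a salted password hash, a device key.
SALT, CHALLENGE = b"constructed-salt", b"constructed-challenge"
def _pw_hash(pw):
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), SALT, 100_000)
PASSWORDS = {"cust-1001": _pw_hash("correct horse")}
DEVICE_KEYS = {"cust-1001": b"constructed-device-key"}

def verify_password(identity, credential):
    stored = PASSWORDS.get(identity)
    return stored is not None and hmac.compare_digest(stored, _pw_hash(credential))

def device_response(identity):
    # Stand-in for a device reply (not FIDO); a real challenge is fresh per login.
    return hmac.new(DEVICE_KEYS[identity], CHALLENGE, hashlib.sha256).hexdigest()

def verify_device(identity, credential):
    if identity not in DEVICE_KEYS:
        return False
    return hmac.compare_digest(device_response(identity).encode(), credential.encode())

REQUIRED = {"view_balance": 1, "transfer_funds": 2}  # policy: transaction -> level

def build_service():
    svc = AuthService()
    svc.register("password", verify_password, level=1)
    svc.register("device_token", verify_device, level=2)
    return svc
```

Because business applications only reference `REQUIRED` levels, retiring passwords for a transaction is a single `set_level` call rather than a change to each back-end system.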