It appears that passwords: the item that users need, but still find them to be a low priority, may be finally be pushed toward obsolescence. Security experts say that passwords are one of the weakest point of security on the web. It is the first access points that most hackers attack, mainly because little attention is paid to them.
We are constantly being reminded to make passwords as strong as possible and change them frequently, yet, somehow, the exercise is still considered trivial and most passwords are still easy to guess. The fact that multiple passwords are encouraged for each online account does not make the process anymore convenient, so what eventually happens , is that the same easy-to-guess password is often reused, resulting in increased occurrences of penetration of the vulnerabilities.
Several companies are involved in renewed initiatives that move data and transaction processing to be more secure. The financial services sector, which may have more risk at stake, always appear to be at the forefront of making the web more secure, and this time it is no different, as MasterCard has announced plans to introduce technology for authenticating purchases using fingerprints and your face, via a selfie app. They are not alone and the adoption of biometric identification appears to be accelerating as the technology improves.
Beyond the fingerprint, other bio-markers being adopted for identification include the heartbeat, as done by Nymi with the Nymi band. The U.S.Department of Homeland Security and the FBI are currently involved with testing other bio markers with the establishment of the Biometric Center of Excellence, while other banks have also begun rolling out of the inclusion of voice print as a part of the identification process.
Over the course of the year some of the bigger banks in North America, the U.K and Europe, customers will allow customers to pay for purchases using the face. Ajay Bhalla, who leads management of enterprise security at MasterCard, says that the biometric authentication technology has been progressing at a rapid enough pace for it to become commonplace within the next five years.
Fingerprint and facial recognition technology are much safer than passwords, and there is no need to remember them.
The selfie app, as deployed by MasterCard requires multiple factor identification. Customers who wish to use the selfie app, are required to install it on their mobile device. The selfie app allows snapping a photo with each payment to be processed. At the time of payment, a facial or fingerprint scan is also needed to confirm verification. The scan requires a blink or gesture to indicate that the person is live, and not an image.
MasterCard says other biometric indentification processes are being explored, as testing with the Nymi band from Nymi and Voice recognition is also being explored. The enterprise is not alone in introducing new technology to replace typed passwords. The Hongkong and Shanghai Banking Corporation (HSBC) has announced plans to allow customer access via fingerprint and voice, while others such as Chinese retail giant Alibaba, PayPal, Google and Amazon are all involved with infrastructure development to allow login without typing passwords. The key is the live selfie, which recognizes gestures and motion, and users may finally be on the way to no longer needing to recall dozens of passwords to dozens of individual accounts.