Smarter authentication makes mobile experiences more secure, user friendly

To make our lives easier, digital experiences have become much more interconnected, and the volume of personal data captured in the cloud is growing exponentially. While these trends make us more productive, they can also make security breaches much more damaging. Once a hacker gains access to one aspect of your digital life, he can easily reach across multiple applications and accounts, laying a path of destruction and heartache.

Today’s mobile and digital experiences need authentication strategies that keep up with the constantly changing digital ecosystem, and simple passwords are not enough.

Authentication must be fast, easy to use

Multifactor authentication strategies are growing in popularity, but the tradeoff of usability and security is a constant balancing act. If authentication solutions are not simple, quick and easy, users will find ways around them. And if they are not secure, hackers will quickly exploit weaknesses. Sophisticated smart authentication strategies are coming to market that are less visible and easier to use than messaging-based two-factor authentication approaches or biometrics. Approaches such as behavioral biometrics and adaptive authentication are leveraging data and sophisticated algorithms to create more secure and easier-to-use experiences.

Leveraging contextual data and behavioral biometrics to authenticate a user involves analyzing patterns to determine if they match behaviors exemplified by the account holder or if they correlate with known hacker activities. For example, if a device being used to access an app is in a location that is known to be a hotbed for hackers, instead of the home or office location of the account holder, access can be blocked or additional authentication could be required. Similarly, if a request to access an account does not originate from a phone connected to the registered user’s phone number, security could be tightened.

More sophisticated and secure authentication solutions

As with any security solution, the devil is in the details, and the industry has to stay one step ahead of the villains. Hackers can spoof phone numbers, so more secure solutions will identify specific devices with the device ID instead of simply the phone number. Also, more robust solutions will use GPS coordinates to pinpoint location instead of IP addresses, which can also be faked.

Even more sophisticated behavioral biometrics solutions use more granular and historical data to authenticate users. Tracking GPS movements to identify patterns and matching them with past behaviors will provide greater assurance that the same person is carrying a device. Tracking the time of day a user typically logs on to an app or service can also flag suspicious activity if access is requested at an unusual time. Even the way a certain application is navigated by the user or the frequency that features are used can be leveraged to authenticate account holders.

Tracking contextual and behavioral data is a great way to increase the confidence level that a user is who he says he is, but these methods are not foolproof. A user’s behavior may change while the user remains the same person; the change simply means that the risk of fraud is heightened.

This is where stepped-up or adaptive authentication enables improved security. If the system detects an anomaly in the user’s behavior or a heightened threat level is triggered, additional authenticators such as a one-time PIN (OTP) delivered by SMS could be requested before access is provided. With this type of system, users have to authenticate themselves only when patterns change, improving the user experience.
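The step-up decision described above can be sketched as a small risk-scoring function. This is an added example, not code from the article or from any product it describes; the signal names, weights, thresholds, 50 km radius and sample profile are all assumptions chosen for illustration.

```python
from dataclasses import dataclass
from math import radians, sin, cos, asin, sqrt

@dataclass
class Profile:               # what the service has learned about the account holder
    device_ids: set          # device IDs seen before (not phone numbers)
    usual_places: list       # (lat, lon) of home/office from GPS history
    usual_hours: range       # local hours when the user normally logs in

@dataclass
class Request:
    device_id: str
    lat: float
    lon: float
    hour: int

def km_between(a, b):
    """Haversine great-circle distance between two (lat, lon) points, in km."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371 * asin(sqrt(h))

# Assumed weights and thresholds; a real deployment would tune these on its own data.
WEIGHTS = {"unknown_device": 40, "unusual_location": 30,
           "unusual_hour": 15, "high_risk_area": 50}
STEP_UP_AT, BLOCK_AT = 30, 80

def assess(profile, req, high_risk_areas=(), radius_km=50):
    """Return (decision, score, reasons) for one access request."""
    here, reasons = (req.lat, req.lon), []
    if req.device_id not in profile.device_ids:
        reasons.append("unknown_device")
    if all(km_between(here, p) > radius_km for p in profile.usual_places):
        reasons.append("unusual_location")
    if req.hour not in profile.usual_hours:
        reasons.append("unusual_hour")
    if any(km_between(here, a) <= radius_km for a in high_risk_areas):
        reasons.append("high_risk_area")
    score = sum(WEIGHTS[r] for r in reasons)
    if score >= BLOCK_AT:
        return "block", score, reasons
    if score >= STEP_UP_AT:
        return "step_up_otp", score, reasons   # ask for the OTP before granting access
    return "allow", score, reasons             # pattern matches: no extra prompt

# Constructed sample profile: one known device, two usual places, logins 07:00-22:59.
PROFILE = Profile({"dev-A"}, [(40.7128, -74.0060), (40.7580, -73.9855)], range(7, 23))
```

A single weak signal, such as an odd hour on a known device at a usual place, stays below the step-up threshold, so the user is prompted only when several patterns change at once or a strong signal such as an unknown device appears.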

The age of the customer has made customer experiences almost more important than the products and services offered. This makes a smooth authentication experience vital to maintaining valuable customer relationships. Companies need to ensure that they effectively balance usability with security when authenticating users, and smarter authentication solutions are making it easier.

This article was written by Peter Crocker from NetworkWorld and was legally licensed through the NewsCred publisher network. Please direct all licensing questions to legal@newscred.com.