Passwords have long been known to be insecure, with malicious actors frequently bypassing password-based security protocols. However, security concerns are not the only drawback of password-based authentication. They can be costly and burdensome to manage, with users frequently forgetting and thus having to reset passwords, which consequently creates a poor UX.
A Promising Alternative
These problems highlight the need for organisations to embrace passwordless authentication. Passwordless authentication can eliminate these problems; enhancing security and providing a better UX.
Minimising reliance on passwords, or eliminating them altogether, diminishes their value to bad actors. By replacing them with more secure forms of authentication, such as biometrics, it becomes far more difficult and expensive for bad actors to gain unauthorised access. When combined with other security mechanisms, such as behavioural biometrics and risk-based MFA, logins become even more secure.
Benefits for Usability
Opting for passwordless authentication can improve the UX by removing the friction commonly associated with password-based authentication. Passwords can be easily forgotten; requiring users to go through the hassle of resetting them. Additionally, it is often the case that the more secure a password is, the more frustrating it is for it to be manually entered. These sources of friction often result in poor UX.
By implementing passwordless authentication, the need to create, manage, and remember (or reset) passwords is eliminated. Users can instead enjoy a more seamless experience using convenient login mechanisms, such as facial recognition to verify their identity; enhancing the UX.
Immediate and Long-term Prospects
While true passwordless authentication remains a long way off from widespread adoption, there has been a surge in creating passwordless experiences in which passwords are simply masked, such as biometrics being used to unlock a password. Although this middle-ground solution retains the vulnerability to credential-based attacks, it does offer consumers the improved UX associated with true passwordless authentication.
This is representative of the steady transition to a passwordless future, which while a number of years away, signals the ever-growing importance of biometrics. An ecosystem of authentication is most likely the evolutionary route to develop a secure but usable mobile payments ecosystem, with rules of use being determined by the risk level of the use case. The goal is towards a seamless, secure payments system, that works across omni-mobile channels and that meets increasingly stringent regulations.
- Overview of Biometric Technologies
- Challenges in Biometric Authentication
- Market Forecast Summary
► Mobile Payment Biometrics Market Research
Our latest research found:
- Total value of biometrically authenticated remote mobile payments will reach $1.2 trillion globally by 2027; rising from $332 billion in 2022.
- Total volume of biometrically authenticated remote mobile payments will grow by 383% over the next 5 years, reaching 39.5 billion globally by 2027.
- To maintain trust and reduce fraud, financial institutions are implementing step-up authentication, where certain transactions are escalated for biometric approval based on risk scoring. Therefore, vendors must offer multiple ways to authenticate, as well as developing new techniques to keep biometrics secure.
- Mobile authentication vendors must prioritise the design and implementation of enhanced liveness detection, and anti-spoofing techniques, to combat the ever-evolving role of fraudulent players and ensure that the security of facial recognition solutions is not compromised.