Deloitte – WSJ: Taking A Risk-Based Approach To Online Authentication:

Wall Street Journal | Deloitte | Risk & Compliance Journal:

Twenty years ago, the typical consumer had only one password—for email—and it was likely an easily guessed word or name. Today, users visit countless online resources and seem to create a new account every few days. Whether it’s to access sensitive account information, pay a utility bill or just order socks, each one requires a unique and complex password. By 2020, the average user could have as many as 200 online accounts.

Not only are today’s password demands beginning to challenge the limits of human capability, causing many to resort to reusing the same passwords across multiple online resources, but they also fly in the face of the emphasis on user experience that underlies digital transformation efforts underway at many companies today. Like it or not, most online interactions—for customers, business partners, frontline employees and executives—still begin with a transaction that’s both a poor user experience and one of the weakest links for corporate security today.

There is a significant economic cost as well. A recent survey of U.S. companies found that each employee loses an average of $420 annually grappling with passwords. With 37% of those surveyed resetting their passwords more than 50 times per year, the losses in productivity can be large. Factor in the cost of the support staff and help desks required, and the financial burden becomes even bigger. Finally, adding to the list the cost of breaches caused by compromised passwords makes the combined losses staggering.

It’s time to recognize that the password is fundamentally broken. Fortunately, new technologies now gaining ground offer the opportunity to design from scratch.

To read full article – please click here.