MEF Director of Programmes James Williams shares highlights from a recent live discussion around authentication, digging into the topic of how enterprises and consumers need to change their behaviours in the face of ever more sophisticated risks of fraud.
Lee Suker from Sinch approached me about the idea of putting together a panel discussion looking at the area of passwords and the rather vast area of authentication in general. There are so many different means out there of verifying somebody really is who they say they are and who was I to disagree that this was a superb topic for a MEF Thursday live webinar!
On the panel with me were:
- Andy Milton, Head of Sales & Marketing, Hitachi Security Business Group – Download Andy’s Slides
- Greg Brophy, CEO, iTouch – Download Greg’s Slides
- Lee Suker, Head of Authentication & Number Information, Sinch – Download Lee’s Slides
- Surash Patel, VP EMEA, TeleSign – Download Surash’s Slides
Almost exactly a year ago, MEF set up the Future of Messaging (FoM) Fraud & Revenue Assurance working group and it has become a hive of activity, the perfect example of MEF’s 3Is in action – Interaction, Insight and Impact. It wasn’t just Sinch that wanted to have this conversation. So why all the interest?
Passwords have been around for quite literally thousands of years (think the Romans and even earlier. Among the top frustrations for employees and consumers the world over is changing passwords. Think about remembering dozens of previous passwords and not being able to re-use them. Password management becomes so difficult and the temptation is therefore there to use the same password for practically everything. But there is far more than just the humble password. A second factor beyond just a password needs to be considered today. So two factor authentication (2FA). The Mobile Authentication market as a whole is growing at a cumulative annual growth rate (CAGR) of 25% which is huge.
The stark fact that hit home was that only 10% of enterprises globally ACTUALLY use 2FA. This lays bare just how much work we as an industry have got to do as organisations of all sizes really should be able to take advantage of cost-effective 2FA solutions to both secure their businesses and protect their customers.“
SMS One-Time Passwords (OTPs) became the de facto 2FA delivery mechanism years ago and it is still going very strong. 95% of internationally originated A2P (application-to-person) SMS is 2FA related which shows you just how strong. Traffic has jumped markedly the past couple of years as an increasing number of organisations have moved online given all the restrictions put in place in response to the pandemic landing upon us back in 2020. As more business has moved online, more bad actors have moved into it as well chasing a huge amount of money.
For sure technology trends have changed with far more people owning smartphones, internet penetration increasingly globally and Mobile in general being where it’s at now. That said, much of the world still has little stable access to the internet, if any. Hundreds of millions have no mobile device whatsoever, whether smart or not. Assuming anything can really hurt businesses.
Ask many people what they really want from organisations providing them with goods and services and it is for them to really appreciate that consumers’ time is what is most valuable to them. Adding layers of security at any stage of the customer experience increases time users spend on jumping through hoops to get to where they ultimately want to be and that means if you get it wrong, you can lose big. People giving up on ever signing up with you in the first place or abandoned carts. In simple language it can hurt your bottom line.
Biometrics used to be something you just saw in movies but this field has become truly mainstream. How many of you are reading this post right now on devices with face or finger print recognition? I’d hazard to guess quite a few. The cost of biometric solutions has reduced massively in recent years and from the webinar it became clear that this price will decrease further and biometric authentication solutions will become even more mainstream. We heard some fantastic facts from Andy at Hitachi Security Business Group and for a demo of where the technology is at today just check this link out: https://digitalsecurity.hitachi.eu/products/veinid-five/.
The stark fact that hit home was that only 10% of enterprises globally ACTUALLY use 2FA. This lays bare just how much work we as an industry have got to do as organisations of all sizes really should be able to take advantage of cost-effective 2FA solutions to both secure their businesses and protect their customers. We clearly need to do better and my speakers definitely had some ideas on what could be done.
As always in these posts, before you get to the main event of actually watching the recording of the session, here is what my speakers had to say on the subject…
Andy hit the nail on the head with raising simplicity as being something critical: “Using the simplest most effective method to ensure you are engaging with or they are engaging with you is key to reducing fraud and providing an effective solution is key. This balanced with the need to provide your users with an easy to use platform that offers flexibility and options that suit their method of connection, location, bandwidth and skills, is fundamental. Mobile and telcos operators have an opportunity to provide authentication of the connected users on their network on a grander scale and sell the connected verified user to the service operators (Banks, Lottery, Financial services, and many others) a more joined up approach that will benefit all.”
Greg Brophy is the CEO and Co-owner of iTouch who have been in the Messaging and Authentication space across Africa for 20+ years now and had this to say: “Africa is a continent with 1.4 billion people, almost a fifth of the worlds population. As much as 40% of its population is under the age of 15 years old. Add 1 000 different languages across 54 countries and you have an exciting challenge. Education and exposure to technology varies wildly per country. Estimates for its growth is way in excess of its current population percentage. Smartphone’s are expected to reach about 50% of all mobile handsets by the end of 2022. 3G is estimated to only reach 55% in 2025.
But Africa knows how to make a leap. We had to leap over landline (telephones!). There are many eager early adopters operating out of Africa but for critical mass: A wide choice of authentication methods is needed and it should be inexpensive and easy to use – because it should not be complicated, at all. We want to search and buy online and we don’t want a head-ache learning the enabling tech to do so, safely.”
Lee Suker from Sinch provided a stark reminder of what is important: “To prevent abandonment or disengagement enterprises must tap into authentication technology that is familiar and understood by their customers. There is a temptation to rush to more secure technologies that seem to elevate security yet they anchor the experience around the digital native, leaving everyone else behind.
Enterprises must RAISE the security bar for all their users, not just the tech savvy elite. Neither should enterprise expect new technology to be a silver bullet. The world has lived with Passwords for many years, there is very little that we don’t know about mitigation of password issues including 2FA. However good and powerful Biometrics are, these are still in the early stages of their evolution and present some serious and unanswered questions around ethics, vulnerability, and surveillance.”
It’s clear that for any authentication mechanism to be widely adopted it has to be simple, cost-effective and, most importantly, does not inject undue friction into the customer experience. Surash had this line for us to close with here: “In a world where the customer journey can determine success or sabotage growth, never has the topic of managing access been so important; a must see webinar for enterprises”. And there you have it. I’m not going to argue with that and do watch the webinar!
If you are not already an active member of the fast-growing MEF community and would like to know more about what members REALLY get up to and what great benefits MEF membership can bring your business (whatever it is you do) then do not hesitate to email me directly . Thanks for reading. Great having you here with us as part of the wider MEF community.