The National Cyber Security Centre (NCSC), a division of intelligence agency GCHQ, 2019 report revealed that the scheme Operation Haulster automatically flagged details of more than 1 million stolen credit cards to banks. The agency also claimed it had prevented more than 177,000 malicious phishing attacks that attempted to trick people into handing over their passwords.
The NCSC’s report indicated two passwords were the cause of over 500,000 accounts being hacked in the last year, with malicious actors selling and sharing these compromised access words. The agency also highlighted that the use of easily breached passwords such as ‘123456’ and ‘password’ are still rife, which according to Jason Tooley, Chief Revenue Officer at biometric authentication platform Veridium, places consumers at unnecessary risk.
Jason Tooley, Chief Revenue Officer at Veridium comments: “Worryingly, the NCSC report discovered that only a third of British people know how to protect themselves from cyber breaches, highlighting the lack of public education with regards to security. Passwords are the weak link, and organisations must have an obligation to protect their customers and provide the safest methods of authentication.”
Jason continues: “Eliminating the password from user authentication is more easily achieved with the adoption of biometrics, as this negates the risk of phishing. Transitioning to a passwordless approach does not mean using a biometric in isolation, still using PINS or replaying passwords in the background, you need to remove passwords in their entirety across all factors of authentication.”
Jason continues:“Organisations will see the greatest value in incorporating an open biometric approach, selecting the right biometric for the right use case, including fingerprint, facial recognition as well as innovative behavioural biometrics – which provides an additional layer of security on location and unique mannerisms. By authenticating in this way – ensuring biometrics, possession and intelligence – allows more than just access, but the ability to verify an identity. True multi factor authentication solutions have the ability to enhance consumer confidence and construct the most secure experience, all whilst ensuring the customer has a frictionless user journey.”
Jason adds: “Businesses are expressing misguided concerns over the danger of biometric data being hacked, however using techniques such as visual cryptography or sharding mean sensitive biometric data is unusable in the event of a breach, thus concerns over its storage are rendered obsolete.”