Mon 03 May 2021
FNZ complete acquisition of Silica from Ninety One
The acquisition further supports FNZ’s long-term strategy of expanding the accessibility…
- Home /
- News & Insights /
- The password is dead. Long live the password?
19 November 2018
The password is dead. Long live the password?
Changing tech, changing consumer behaviour and now changing guidelines – today’s fast-paced digital world certainly keeps cyber security experts on their toes. But has the standard user name/password combination really past its sell-by date? FNZ’s Donald Crombie examines the evidence.
Passwords. We’ve all got them. Hundreds of them. Over the last 20 years, the explosion in digital technology means the average person now has to remember hundreds of passwords, PINs, secret question responses and the like. For many consumers, it’s impossible to deal with, without duplicating, writing things down, or going for obvious choices like date of birth combinations.
Attackers and hackers know this only too well and have an increasingly sophisticated variety of methods to try and steal credentials. Breaches are common, and not just among the careless – respected professional websites like LinkedIn have been attacked. If a hacked member then uses the same log-on information across multiple sites, they’re at serious risk of fraud and identity theft.
Passwords aren’t working. Yet when the U.S. National Institute of Standards and Technology (NIST) revised their guidance, suggesting that long-cherished standards such as changing passwords every 90 days might not actually be ‘good practice’, it caused ripples across the industry.
But change isn’t necessarily being driven by regulators, security architects or bodies like NIST. Consumer behaviour, mostly linked to smartphone use, is in the driving seat. Mobile phones now fulfil many of an individual’s computing requirements, including things like payments. Mobile users have little desire to consult a password manager, and the clunky authentication of using a physical token or fob to access their bank feels positively medieval.
It’s clear that today’s consumer is willing to make considerable trade-offs for convenience, moving seamlessly from app to app, paying a bill here, booking a car (with associated credit card) there – all with a few simple actions and using their fingerprint or their ‘Face ID’.
What are the implications for financial services? Traditionally our industry hasn’t been in the forefront of shaping this behaviour, believing that it’s better to allow consumer behaviour to be shaped in a lower-risk environment, rather than introducing security measures that can be perceived as risky. But that approach may not continue to serve us well. Developments like the PSD2 directive and open banking are an opportunity to shape the future of payments and thus consumer behaviour and here at FNZ we’re continually investigating the new technologies that will help deliver a secure, but flexible user experience. Read more
Developments like the PSD2 directive and open banking are an opportunity to shape the future of payments and thus consumer behaviour...
Trust is the key. And trust is built up over time, depending on the device, the authentication process and the benchmark of what is normal user behaviour. When you’re paying for a coffee, contactless does just fine. But when you’re moving millions of pounds, customers expect a little bit more, which is where multi-factor authentication comes in. As well as using biometric data like fingerprints to sign in, a second step built around activity, like a message saying ‘we’ve just detected a login from a new device’ builds confidence in the system and can be a powerful way of saying ‘we’re looking out for you’.
So are passwords really a thing of the past? Not quite. Biometrics and trust patterns may be the future, but what happens when the hackers manage to steal your thumbprint – you can’t change that as easily as your 6-digit phone PIN. I’d suggest that passwords are here to stay, at least for the foreseeable future.
Other Articles
Tue 06 April 2021
FNZ launches new US wealth management venture
FNZ and State Street are collaborating on FNZ Trust Company, a new wealth manager…
Wed 24 March 2021
FNZ goes live with blockchain solution for South African funds industry
Partnership with FinSwitch now supports hundreds of thousands of transactions for…
Sun 28 February 2021
Technology fuels meaningful pensions engagement
Adrian Durham, chief executive and founder of FNZ, reveals how a more digital experience…
Mon 25 January 2021
Top three trends for sustainable finance in 2021
As the new year arrives amidst a time of resolutions and challenges, we find ourselves…
Mon 16 November 2020
FNZ to acquire Silica from Ninety One
The acquisition supports FNZ’s long-term strategy of expanding the accessibility…
Wed 05 August 2020
FNZ Complete Acquisition of Irish Progressive Services International (IPSI)
FNZ, the global platform-as-a-service provider, has completed the acquisition of…
Wed 08 July 2020
Could we save, not only spend, our way to a sustainable world?
Shifting consciousness from how we spend our money to how we save our money could…
Tue 07 July 2020
FNZ and State Street Collaborate On New Wealth Management Servicing Venture
The new venture will combine the custody expertise of State Street with the international…
Wed 01 July 2020
ebase agree to acquire the securities business of Augsburger Aktienbank AG
ebase have confirmed that they have agreed to acquire the entire securities business…
Thu 21 May 2020
FNZ signs deal to provide blockchain technology to South African investment industry
FNZ, the global platform-as-a-service provider, has signed a deal with FinSwitch…
Wed 13 May 2020
Three ways business can play a positive part in our global ecosystem
More than ever, the relationship between business, the environment and society is…
News & Insights
Sign up to receive regular news and insights from us on both what's happening at FNZ and within the industry.