Just as Google’s post-password play moves forward with major banks, a new survey has revealed that 52% of consumers want biometrics and other modern authentication methods to replace traditional passwords.
According to the data from Gigya, 80% of consumers believe biometric authentication is more secure, and they understand the pitfalls of typical password/user ID combos.
This is good news for projects like Google’s Project Abacus, which is set to be trialed with several major banks next month. It combines biometrics like facial and voice recognition with user behavior such as the times and locations one usually tries to log-in. From these it deduces a Trust Score which can then be used to check if the individual trying to log-in is you.
The survey shows that the thirst for post-password approaches could be motivated by sheer laziness: Those same consumers aren’t practicing good password hygiene in the first place.
Consider: only 16% of respondents follow password best practices with a unique password for each online account. About 6% use the same password for all accounts, and 63% use seven or fewer passwords across all their online accounts. And, 68% abandon the creation of an online account due to complex password requirements.
Millennials have the worst password practices, with only 67% using insecure passwords like, well, “password,” “1234” or their birthdays.
This, in spite of the fact that 26% of respondents have had at least one online account compromised in the past 12 months. When segmented by generation, 35% of millennials, 28% of Generation Xers and 18% of baby boomers reported having online accounts compromised.
So obviously, authentication mechanisms need to be simple and easy to use in order to be adopted. Biometrics by and large fit the bill, with 20% saying they would adopt fingerprint scanning, voice recognition, facial recognition or iris scanning technology were it available.
In fact, nearly one-half of millennial respondents use one or more forms of biometric authentication, such as fingerprint scanning technology (38%), voice recognition (15%), facial recognition (11%) or iris scanning (5%). Millennials also report that at least one of the applications they’ve downloaded offer some form of biometric authentication, which is consistent with Juniper Research’s estimates that more than 770 million biometric-enabled applications will be downloaded each year by 2019, as compared with 6 million in 2015.
Two-factor authentication, which couples traditional usernames and passwords with a personal security question or verification code sent via text message, has its supporters too. A full 29% of survey respondents like the idea (likely because it allows for weak passwords and password reuse).
Other frictionless approaches, like social-network authentication, are popular too. The “log in with Facebook” option that many websites have now implemented are a perfect example of this.
“Within the next 10 years, traditional passwords will be dead as an authentication form,” said Patrick Salyer, CEO of Gigya. “Consumer-focused brands require modern customer identity management infrastructures that support newer, more secure authentication methods, such as biometrics. Businesses that are already using advanced authentication methods demonstrate increased customer registration and engagement while enjoying greater login convenience and security."
Photo © Patrick Foto