Apple’s latest biometrics push, facial recognition for iPhone, is seen by most to be a trustworthy authentication mechanism, despite it not yet being released into the market.
The results of a survey conducted by Secret Double Octopus, found that among 522 employees of medium and large enterprises, 81% of respondents perceive FaceID as trustworthy, and 91% think it will be easy to use.
The survey, which focused on preferred authentication methods and password usage, found that 73% of employees surveyed said they prefer FaceID to passwords if given the choice, with 70% categorizing FaceID as ‘extremely or very trustworthy’—results from a technology they have never actually used.
Apple’s TouchID, deployed on iPhone 6 and iPhone 7, is the leading alternative to passwords, with respondents ranking it first in all three survey parameters: ease of use, trust and preference.
“We initiated this survey because we wanted to look past the hype to really understand what people think about the authentication methods they are required to navigate daily—anything from passwords, tokens and SMS to TouchID,” said Raz Rafaeli, CEO of Secret Double Octopus. “We also wanted to know what people are expecting from new authentication alternatives, specifically FaceID. The results demonstrate the need for organizations to seriously consider the impact FaceID will have on their security environment and explore how they can leverage the technology both as a second-factor authentication measure, as well as a way to replace passwords altogether, because that is where we are headed.”
The survey also revealed ongoing concerns around password use. Even though 91% of companies having a policy for password strength (longer passwords and frequent replacements, for example), the survey found that many employees are not adhering to even the most basic of protections, and are exposing themselves and their organizations to increased chances for malicious activity. About a quarter (23%) of employees surveyed say they rely on paper notes to remember their passwords. Further, 14% have shared their work passwords with colleagues or other people; 21% of employees use work-related passwords for non-work related online services; and 5% of employees admit they have entered their work-related passwords into fraudulent forms or web pages.
The results are interesting given the results from a survey of the hacking community, which found that facial recognition was rated as the worst tool for authentication by a fifth of respondents—six times more often than fingerprint authentication.