AS biometrics gain popularity as a convenient and secure form of automated user recognition, the traditional password will become much less appealing to consumers and enterprises alike going forward, according to Dell Technologies South Africa.
Its Client Solutions Director Chris Buchanan said that biometrics technology continues to advance, with better sensor technology and the use of AI-based matching algorithms.
“This results in a better user experience while improving the security model. Advanced device security features like fingerprint readers and facial recognition are now readily available on mainstream business laptops and used as part of a multi-factor authentication solution, offering users more secure ways to access their devices, applications and data than easily compromised passwords,” Buchanan said.
The Dell Technologies Biometric Usage Study found that at US businesses where PCs with biometric security were available, around 80 percent of employees reported using the feature and 64 percent of employees who did not have these features available said they would use them if offered.
According to Buchanan, one may be asking, why is the use of biometrics more secure than passwords?
He said that passwords were a string of characters which were validated by a website or service to allow a user access.
“Strong passwords are designed to be difficult to guess or replicate, but even the most complex passwords can be stolen or compromised. To secure user identities, the use of multi-factor authentication is increasingly required for user access.”
According to him, biometrics plays a critical role in multi-factor authentication, and it was most difficult to replicate the three possible factors of authentication: something one knew (their password/PIN), something they have (their device or security token) and something they are (their fingerprint or face).
He said that connecting authentication to a user’s biometric match created the most difficult scenario for a cybercriminal to duplicate. Once the local authentication was performed, he said a secure digital certificate was released to the website or service for user authorisation.
Dell Technologies South Africa said that given the openness of employees to leverage biometric security features on PCs, there was opportunity for biometrics adoption to continue increasing, especially as Gen-Zers entered the workforce.
Buchanan said these digital natives grew up accustomed to using fingerprint readers or facial recognition on their smartphones and probably would not think twice about using the same technology on their PCs and other devices.
He said it was time for organisations to reassess how they were handling security on employee devices and consider incorporating biometrics for their next PC refresh cycle.
Too many passwords were a nuisance as well as creating and remembering strong passwords that adhered to specific requirements.
According to a report from the University of Stellenbosch Business School which sought to determine the security education, training and awareness needs of South Africans, 5.3 percent of respondents believed they had absolute knowledge of proper password practices. Only 2.8 percent displayed a perfect “security first” aptitude when selecting and managing passwords.
In addition, the Dell Technologies Brain on Tech study found that when users worldwide were presented with a long, difficult password to access a computer under time pressure, their stress increased by 31 percent within five seconds, and continued to rise even after users successfully logged in.
Buchanan said these results reinforced that for most people, good password hygiene was not a priority, but instead, a nuisance. He said whether one reused the same password repeatedly, used weak passwords or wrote them on sticky notes, most were doing exactly what they had been told not to do.
“Concerningly, these behaviours are not just reserved for working adults. A recent study by the Scientific Electronic Library Online (SciELO) South Africa analysed students’ cybersecurity awareness at a private tertiary educational institution. The findings showed that most students found it difficult to remember complex passwords and so they used simple ones like their names.
The firm said that while it seemed South Africa still had a long way to go until passwords were obsolete, it was only a matter of time until one could blissfully forget about remembering complicated passwords without compromising security.
BUSINESS REPORT