Cross-platform ubiquity
Plans to implement passkey sign-in across platforms by Google, Microsoft and Apple have generated plenty of excitement. Support from major hardware and software manufacturers will simplify the move away from passwords and multifactor authentication (MFA) as it has existed to this point, according to Gusel. Such ubiquity will lower the entry cost and make it much easier for companies to incorporate advanced authentication into their products and services. This transition away from passwords will not happen overnight, and Gusel said it is also not the sole answer to payments security or a better user experience. Companies must look at advanced payments authentication beyond the sign-in stage, at the actual moment a consumer makes a payment.
Authenticating users at the point of payment
Many digital payments involve stored payment options held behind a single login. Once someone gains access to the account, there is no additional step authenticating either legitimacy or intent. Gusel pointed out that even toddlers can learn to click Amazon’s Buy Now button. Companies can address this issue on digital devices by using a biometric step, such as facial recognition. Using biometrics would ensure authentic payments, guarding against everything from third-party fraud to the less malicious purchases of household members, while also helping to distinguish intentional purchases from accidental clicks. The industry is already plagued by account takeovers where MFA is subverted, so it is likely criminals will find ways into passkey-secured accounts as well. Authentication at the payment point is, therefore, the answer.
Introducing good friction
Of course, requiring authentication for every transaction introduces friction, but Gusel said friction is not such a bad thing. As faster payments become more common, the friction produced by authentication measures offers security and thus reassures users. The key is ensuring targeted friction that fits the use case, Gusel said. As facial recognition technology continues to evolve, for example, software will be able to authenticate the individual clicking a button and determine whether they were looking at the button when they clicked it or were looking off to the side and brushed it with their finger. This kind of friction will not act as a blocker but as confirmation of intent and action, he said.