How to kill the password

Passwords were never meant to be a form of securing information – just ask the guy who invented them! Hacks, data breaches, and fraud persist in the headlines, but we have yet to kick passwords to the curb. There has never been a better time – or a more urgent need – to say good riddance to this antiquated method of authentication for once and for all. The growing adoption of, and trust in, multiple biometric modalities such as voice, facial and behavioral biometrics shows that there is a smarter – and safer – path forward.
By
Expanding self-service in the IVR is a key trend forward-thinking companies should consider in 2017.

I recently read with great interest a report published by Forrester Research on the topic of biometric authentication with the following subhead: “Adoption of User And Mobile-Friendly Biometrics Will Kill The Password.” It’s not commonplace to find such strong and direct language used in a business context, but in the authentication space it is not surprising. This strong language is justified for two key reasons. First, the harm that passwords cause is ever-increasing and clearly unsustainable. There is an urgent need to move away from this authentication modality, as time and again passwords have proven to be one of the worst, and least convenient methods of security. Second, the availability of several proven biometric modalities that are at once user-friendly and secure enables enterprises to finally eliminate passwords from their security toolbox.

The financial, reputational and emotional harm caused by password-, PIN- and security question-based security are astronomical in scale. Simply stating that billions of dollars are lost every year seems to underscore the depth of the problem. Consumers suffer on a personal level when they are victims of fraud and this often leads to a loss in trust with the brands with which the fraud occurs. Case in point, I was a victim of fraud a few months ago. A fraudster compromised my digital account credentials (user name and password) that I used with a credit card issuer. The fraudster then proceeded to add the credit card to their Apple Pay account, and performed a series of fraudulent transactions. Needless to say, I have ceased doing business with this bank.

The financial rewards for organizations that eliminate passwords, PINs and security questions are equally material, and surpass stemming fraud losses. I myself have moved my chequing account, credit card, savings account and retirement savings account to a financial institution that secures their mobile application with voice biometrics, and uses the same technology to secure their contact center as well. According to Forrester: “Voice is a great fit for mobile app, web, and phone channels…” for a number of reasons, notably the friction-free experience and the high level of security that voice biometrics offers not only over knowledge-based authentication but also over other biometric modalities. The financial institution that I now deal with not only reduced their fraud losses, but has gained new customers and strengthened the loyalty of its existing customers.

The benefits of eliminating passwords are not exclusive to the financial industry. Telecom providers, e-commerce retailers and even citizen-facing government agencies have a great interest in implementing biometrics.

  • In the e-commerce space, Forrester recently quoted during a webinar that 37.4% of all shopping cart abandonment occurs at login. Eliminating the need for a user name and password can translate into transformative financial gains in the form of greater conversion rates.
  • On the government front, the Australian Tax Office recently shared that the use of voice biometrics, as a replacement for knowledge-based authentication, within their mobile app and contact center was meant to drive increased tax compliance by facilitating the interaction between citizen and agency. Imagine that – citizens are more likely to pay their taxes if you eliminate that archaic, insecure and high-friction based authentication mechanism known as the password.
  • A UK-based telecom provider recently shared that they experienced a significant drop in customer churn and a material increase in sales conversion when they switched from knowledge-based authentication to voice biometrics.

Clearly voice biometrics is not the only biometric modality available, nor the only one that should be deployed by organizations wishing to eliminate the password. A study conducted last year by Interaction Experience showcased that consumers are almost evenly split in their preference for authentication methods when offered the choice of fingerprint, facial recognition and voice biometrics. Their preference for one modality over the other was also influenced by the context they were in. For example, when driving or otherwise on the move, voice biometrics was clearly preferred. Whereas in a social context where speaking was not appropriate, fingerprint or face was preferred. Only 5% of the study participants selected password as their preferred mode of authentication, showcasing the strong consumer desire to move away from passwords. Forrester identified fingerprint, face and voice as the biometric modalities that deliver the highest business value and lead to the highest consumer adoption. Other biometrics show promise, including behavioral biometrics which tracks the interactions of a user and their device to continuously authenticate a user throughout a web or mobile app session, helping to prevent fraud.

I’m a strong believer that providing a choice to consumers in the biometric credentials that they can use to login to a service, such as fingerprint, face and voice biometrics, creates the winning solution to eliminate once and forever passwords, PINs and security questions. In fact, this is the formula that enterprises need to follow if they want to displace passwords and solve for the problems that passwords create. Beyond displacing passwords, these biometric modalities can be complemented by innovative continuous authentication methods such as behavioural biometrics to further secure digital experiences and thwart even the most ingenious fraudsters.

Forrester provides some great tips on how to go about moving away from passwords to biometrics. I highly recommend the read.

Let’s work together
Engage us

Voice Biometrics

Biometrics starts customer interactions off with a secure, effortless authentication process, delivering real value, and a better experience to your customers.

Learn more

Tags: , ,

Let’s work together
Engage us
Brett Beranek

About Brett Beranek

Like you, CX and biometrics expert Brett Beranek – Director Product Strategy, Enterprise – is fascinated by transformative technologies that have a real impact on our lives. With over fifteen years of experience in the customer experience and biometrics space, Brett brings strategic and tactical insights to organizations wishing to deliver a better experience to their customers via innovative security technologies. Prior to joining Nuance, Brett a technologist and entrepreneur by education and passion, successfully introduced several disruptive technologies to the health-care, IT and security markets, including as a partner of facial recognition firm Viion Systems and member of Genetec’s management team, a security firm that transformed the video surveillance market. Brett also currently serves on the advisory board of high-tech healthcare startup GaitTronics. Brett earned a Bachelor of Commerce, Information Systems Major, from McGill University as well as an Executive Marketing certificate from Massachusetts Institute of Technology’s Sloan School of Management. Brett loves travelling the globe and discovering new cultures with his three kids, Layla, Rayan and Nora and his wife, Tania.