Please find the comment below, from Andy Cory, Identity Management Services lead at KCOM as part of our security experts comments series on latest cyber security news.
Andy Cory, Identity Management Services lead at KCOM:
“It is time we found a balance between these tricky demands. The future of secure authentication is certainly multi-factor, but it should also aim for low friction. To improve customer experience without reducing security, authentication strategies should be both integrated and simple.
“An example of this would be an ‘adaptive’ authentication mechanism that reviews a combination of factors such as geographic location, source IP address, device fingerprint as well as a password before allowing the user access. Most of this information can be obtained from the device being used, while the consumer only has to provide their password. This gives multi-factor authentication where the user is only aware of one factor.
“If an authentication platform determines that the person trying to log in using your username and password is doing so from the device you usually use and from the location from which you usually log in, that gives a good indication that it’s really you. This means the platform doesn’t feel the need to ask you to provide the middle name of your favourite cricket player, or the colour of the first pair of socks you ever bought, before trusting that you are indeed you.”