Consumers Leaving Back Door Open to Hackers By Automatically Logging on to Facebook and Gmail

By   ISBuzz Team
Writer , Information Security Buzz | Aug 24, 2014 05:05 pm PST

Leading digital identity expert Intercede has revealed the results of its latest research The Rise of the Identity Centric Economy, a study which found that consumers are leaving back doors open to hackers when they sign up for automatic login on mobile apps and services across multiple devices, as well as when they share passwords and handset PIN codes with friends, family and colleagues.

FREE Download: How To Perform A SaaS Application Inventory In 5 Simple Steps

The survey of 2,000 consumers revealed that three quarters of those using social media applications and email leave themselves logged in on their mobile device, potentially putting their personal and sensitive information at risk. Worryingly, many consumers are also compromising their bank and credit card details by selecting ‘Remember me’ or ‘Keep me signed in’ options. Of those that use Amazon and other shopping sites, 37% said they were automatically logged in, while the figures stood at 23% for mobile banking and 27% for Paypal.

Richard Parris, CEO of Intercede, commented: “Keeping your Facebook, Gmail, shopping and financial accounts automatically logged in might be convenient for consumers, but it’s leaving the back door wide open to hackers.  Consumers are more wary about clicking ‘Remember me’ when it comes to online banking and financial apps, but cyber criminals don’t necessarily need access to your bank account or credit card details to commit identity theft.

“There are plenty of rich pickings available in email and social media accounts too. Leaving yourself automatically logged in is like leaving the windows of your house wide open while you’re out. It’s time for a new generation of secure identity authentication.”

Although 53% had placed a PIN code in place, the research found that consumers are sharing these PIN codes and other passwords, further jeopardizing the security of the data stored on their phones. 28% admitted they knew the log in details for a friend’s, family member’s, or colleague’s mobile device.

The research also questions whether the credentials consumers are using are strong enough to adequately protect their applications and the data they hold.  Three in five stated that they try and remember passwords rather than writing them down or relying on password management solutions, suggesting that consumers are relying on the easy to remember combinations and using the same password across multiple sites and devices.

“As we live more and more of our lives online, all our various digital identities need to be effectively protected – worryingly, it appears that this is not the case at the moment,” continued Parris. “We need so many passwords today for social networking, email, online banking and a whole host of other things,that it’s not surprising consumers are taking shortcuts with automatic log ins and easy to remember passwords. These solutions are increasingly not fit for purpose though – they do not offer proof of a person’s identity and are easily lost, stolen or hacked, leaving consumers at risk of identity theft. It’s time for stronger authentication and more sophisticated forms of identity.”

The research also looked into users remaining logged-in to accounts on multiple mobile devices. It found 76% for social media, 45% for mobile banking, 46% for Amazon and shopping sites, and 54% for Paypal.

About Intercede

intercedeIntercede is a software company specializing in identity and credential management with a global team of experts located in the US and UK.

Intercede’s MyID software enables organizations to create and use trusted digital identities for employees, citizens and machines. This allows secure access to services, facilities, information and networks.

MyID meets the highest government standards yet is simple enough to be deployed onto consumer devices such as smartphones and tablets. Critically, MyID provides an easy, convenient and secure alternative to passwords.

Millions of identities are managed using MyID and Intercede has provided identity verification and management services to global customers for more than 20 years. MyID is a commercial-off-the-shelf software product, designed and developed to be configurable so it can be embedded as the cornerstone of cyber security infrastructure for governments and corporations.

Customers trusting Intercede for secure digital identity include the US and UK governments and some of the world’s largest corporations, telecommunications providers and information technology partners.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x