Tag: Multi-factor authentication

08 May 2020

New Streamlined Ways of Authenticating People Quickly Proving Their Value

Traditional ways of gaining access to an account or information, think usernames and passwords, remain common, but their shortcomings pose liabilities.

How do you confirm that people requesting access to your system and files are who they say they are? One way is to ask them to confirm their identity multiple times before granting access – otherwise known as Multi-Factor Authentication (MFA). Chastised in the past for awkward or clunky user experiences, new streamlined ways of authenticating people are quickly proving their value.

Bad password habits pose vulnerabilities

As the saying goes: A chain is only as strong as its weakest link. The same mantra may be applied to a cybersecurity program, where a single weak lock can pose a critical vulnerability to an entire company’s network. In the case of authentication, internal employee slipups can render even the strongest digital locks obsolete. Passwords were responsible for 81 per cent of breaches in 2017.

From weak or easy-to-guess passwords, like ‘p@ssword,’ to password reuse across multiple accounts, people cannot be trusted to create keys granting access to digital assets. But if multiple digital locks are created, each requiring a unique authenticating factor to grant access, it is theoretically harder to force access. That is what makes MFA systems so effective at protecting valuable data.

Address inherent vulnerabilities: authenticate beyond username and password

MFA helps mitigate the vulnerabilities presented by weak password habits by requiring additional authenticating ‘factors’ before granting access. These factors can vary in terms of complexity but are usually something unique or known only to the individual. This ensures that if a single factor is compromised, guessed or lost, like a password or PIN, other factors, maybe a birth date, remain to accurately verify the identity of who or what is trying to gain access.

“Imagine somebody is trying to hack an account and they correctly guess a user’s password,” says Chris Peel, VP Customer Engineering at Echoworx. “With MFA, they may try to log in, but the owner of the account gets a pop-up on their mobile device notifying them that someone is attempting to login. Access can then be denied by the person – using this second factor of authentication.”

Advocate for user friendly MFA

There is no ‘one way’ of conducting MFA. The term is loose and can be applied to a variety of authentication systems – from so-called ‘Strong Authentication,’ a variant of Two-Factor Authentication now a requirement for transactions over €30 in Europe, to hard-token MFA, where a physical token is required to gain access. These systems vary in the amount of security they provide – with some even deliberately hindering user experience to emphasize the importance of the access they provide.

“People won’t accept more security than they think they need.” – Google’s Mark Risher

But new digital variants help make MFA a relatively frictionless experience – with little to no impact on user experience. A bank portal, for example, might ask a banking customer for a password as one factor, or way, of authenticating their identity. But, as a second factor of authentication, the bank may also demand a Time-Based One-Time Password (TOTP) – a single-use and time-stamped random code – issued from an app installed on the customer’s mobile phone. This additional verification is completed by the customer without leaving their mobile phone. The key, you must keep it simple. Mark Risher, who manages Google’s identity systems says, “People won’t accept more security than they think they need.”

Adequate authentication, not an option

When it comes to protecting customers and the digital infrastructure of an organization, adequate authentication should not be an option – and it does not have to be. According to a report conducted by the Global Information Assurance Certification (GIAC), 87 per cent of respondents were favourable of having to authenticate themselves after being told what it was for.

The GIAC study illustrates that, while MFA might be initially viewed as security overkill by people, the same people view it favourably once they are made aware of what it is, and the protection benefits it provides them. Today most service organizations got the message: consumers want two-factor. If you do not offer it, they’ll find the service that does.

Authentication is an integral part of digital business

If digital trust is the new currency of customer experience, MFA is one of the locks holding everything in-place. The average user assesses the safety of an email in just 30 seconds before replying with personal information, says Echoworx in a survey they conducted.  Yet, more than three quarters of people will leave a company who mishandles their data. If people cannot be trusted to safeguard access to their own data, organizations need to ensure a single digital slip-up doesn’t enable fraudulent access.

To make sure that right people enter and access the right information, MFA assures organizations that their entire network won’t be compromised by a single person – helping solidify levels of digital trust.

The future does not include more complex passwords

While not uniformly mandatory under any regulation, MFA is quickly becoming a recommended default. For example, as per the European Central Bank (ECB)’s European Payment Services Directive (PSD2), transactions conducted over €30 must feature ‘Strong Authentication,’ to comply with their ‘Strong Customer Authentication (SCA)’ practice. In the wake of this regulatory development, 84 per cent of affected organizations outline MFA as a priority investment. For independent bodies, this trend continues, with certification bodies, like the PCI Security Standards Council, which is responsible for managing PCI DSS, highly recommending MFA for any future developments.

09 Mar 2020

ECHOWORX’s ENHANCED MULTI-FACTOR AUTHENTICATION IMPROVES CYBERSECURITY WITH USER-FOCUSED DESIGN

Clumsy and nonintuitive user interfaces can increase security risks

TORONTO – Echoworx, the industry leader in message encryption, today unveiled enhancements to its OneWorld cloud-based security platform with the addition of user-centric two-factor authentication (2FA), enabling enterprises of all sizes to adopt best-in-class security protocols while improving user experience.

“Enterprises, customers and employees want the enhanced security that multi-factor authentication provides,” said Chris Peel, Echoworx Vice President Customer Engineering. “But non-intuitive and cumbersome interfaces can make MFA unappealing for customers or can even make them resistant to cybersecurity. By enhancing user experience, you also improve security.”

MFA isn’t new. In the pre-digital world, financial institutions required several physical ID cards to open accounts, bank machine users needed both a physical card and an individual PIN, and institutions would require clients to choose security questions. But passwords can be weak and security questions – such as “what is your mother’s maiden name?” – can be easily cracked.

Such issues with security and usability led to more consumer-driven user experiences, led by major firms such as Google, Apple, Microsoft, and Amazon. The Echoworx OneWorld platform provides a cost-effective scalable solution for firms seeking email data protection with more robust and user-friendly multi-factor security.

“Security isn’t just a matter of engineering, it’s also a matter of design,” said Echoworx Senior Director Market Intelligence Jacob Ginsberg. “Our intuitive email encryption platform and enhanced multifactor authentication allows enterprises of all sizes to affordably provide secure online interactions, and by putting user experience at the forefront, they simultaneously improve data protection and accelerate adoption.”

Rising cybersecurity risks have encouraged firms to adopt practices that suit a “Zero Trust” environment in which the best-practice is to never automatically trust and always verify. This has made multi-factor authentication a cybersecurity essential and led to user-centric platforms becoming a key differentiator between firms.

Echoworx’s scalable, easy to use, and configurable cloud security and email encryption solutions, have been adopted by firms of all sizes in more than 30 countries and 26 languages. Echoworx’s senior members will be at the Nordic Cyber Security Summit in Copenhagen to meet with clients, answer press inquiries, and speak with industry influencers.

Contact

Lorena Magee, VP Marketing media@echoworx.com +1 416 226-8600