Trust is foundational for building your brand in the minds of your customers. A single security breach is all that it takes to damage how you are perceived in the market. This is especially true if you interact with your customers and conduct business transactions online. Fortunately, there are new technologies like Multi-Factor Authentication or MFA available that make it easy to secure your information and validate the identity of your users.
How is it possible for an unknown person, somewhere else in the world, to break into someone else’s PayPal or personal banking account? Why does the security system that Google, PayPal, Yahoo, Dropbox and others have on their systems continue to break down, allowing individuals access to the private information within someone else’s accounts? It’s possible because the system used for identifying the user, i.e. a username and password, is based on a set of outdated assumptions about access control (what you have permission to access) and authentication (method for determining your identity).
When users had to physically sit at a terminal in a university data center or corporate office, it made sense to identify those users with a simple system. However, once systems began to be built with the intention of being accessed from anywhere in the world, the likelihood of an attack increased logarithmically. With more and more information being stored online, it has become increasingly difficult to live a life free of the risks associated with having your identity compromised. In many cases, the integrity of your business relies on having safe and secure Web and mobile applications.
“What about the system that my bank uses, where I have to have a very complex password that is hard to remember or guess and have to click on an image?” The real answer is that passwords and other memory-based systems are no longer the safest form of protection, regardless of their complexity. For that reason, two-factor or multi-factor authentication is rapidly gaining popularity. By adding a second, truly independent form of verification such as a text message or phone call, it creates a stronger mechanism of protection against intruders. In other words, the universe of individuals who might have claimed your identity with your compromised username and password is reduced to one individual – you.
While some companies might argue that the additional security hinders the overall user experience, any company that values the security of their systems or their clients’ information understands the importance of combating against these vulnerabilities. Look at the recent news, the headlines are littered with lost credit card data, compromised bank accounts, leaked email, and reputations ruined by poor security.
No one will suggest that two-factor or multi-factor authentication will cure all of the security ills that plague the online world right now; there are many issues with the way current systems are designed. However, a strong authentication system is a great first start. It introduces something back into our world that has been lacking for many years – TRUST. It gives us the ability to know, for sure, that the person we’re doing business with is actually who they say they are, and that level of trust is good for business.
