10/20/2020
Goodbye passwords, passwordless authentication is here to stay
The Paypers
By 2022, Gartner predicts that 60% of large and global enterprises, along with 90% of mid-size enterprises, will implement passwordless authentication methods in over 50% of use cases, up from 5% in 2018, Srividya Sunderamurthy from Vesta debates.
Let’s explore the basis for this prediction and the future of passwordless authentication.
Account Takeover (ATO) fraud is becoming a bigger challenge by the day. It has impacted every vertical from ecommerce to digital wallets, online banking, telecommunication, and healthcare. Fraudsters continually exploit every possible avenue to obtain and use PII. Once they have your data, they apply sophisticated machine learning to evolve attack strategies to stay a step ahead of fraud prevention tools. The most commonly used ATO techniques include:
- Phishing or man-in-the-middle attacks to steal account credentials and intercept one-time passcodes to reset account passwords;
- Credential stuffing: automated testing of stolen usernames and passwords at multiple websites with the intent of taking over a large set of accounts all at once;
- Use of stolen or openly available data to answer Knowledge-Based Authentication (KBA) security questions.
Read more...