We all love to hate multi-factor authentication. It’s time we did something about it.
Over the past couple of years, customers have become more accustomed to shopping, banking, learning, and managing their health using digital services. Many of these services rely on a username and password combination to authenticate customers.
Unfortunately, there are now a multitude of studies proving that password-based authentication is failing us. The latest ForgeRock Consumer Identity Breach Report found that two billion usernames and passwords were compromised in 2021 alone – an increase of over 35% from 2020. This is a concerning statistic when we also consider the results of a poll by Riskified, which found that over 40% of people would change suppliers if their account was compromised.
In an effort to stem this growing trend, companies everywhere turned to multi-factor authentication (MFA) which has become the recommended conventional approach to strengthen authentication. According to Microsoft, 99% of user accounts compromised by attackers did not use MFA. Google said it experienced a 50% decrease in account breaches after mandating MFA across 150 million customers.
Issues with conventional MFA
What has become clear in recent years is that conventional MFA methods (such as SMS or email) have created a host of their own issues – ranging from a poor user experience to new types of security threats.
For one, it’s difficult to even relay the importance of opting in for MFA to customers who have a tendency to choose convenience over security. The Twitter Transparency Centre notes that despite its efforts to promote conventional MFA, only 2.6% of global users have enabled it.
Secondly, conventional MFA methods create a clunky user experience. They can even have a negative impact on corporate revenues, with a study by the FIDO Alliance finding that 58% of customers have abandoned a transaction due to difficulty signing in. According to the W3C, complicated authentication procedures can discriminate against up to 15% of the population with a commensurate reduction in that potential addressable market.
Lastly, we see that conventional MFA doesn’t always equal better security. Microsoft has urged its users to avoid call and SMS-based MFA because it is susceptible to compromise. We also saw in the 2020 Twitter account hijacking breach that conventional MFA can be turned off.
How new MFA methods are solving these issues
While conventional MFA has reduced instances of password theft, it certainly isn’t where it needs to be to meet security and user needs in today’s digital landscape.
At Haventec, they believe technologies that enhance privacy should do so without negatively impacting the user experience or the adoption of digital services. This is why they have introduced Haventec Silent MFA – to enable enterprises to confidently leverage the proven benefits of MFA without negatively impacting their customer login experience.
Haventec Silent MFA provides a proven alternative to conventional MFA and the high assurance that only Haventec’s patented technology can provide.
With Haventec Silent MFA:
- You don’t need to change your current login process – customers simply enter their username and password like they do now. There’s no one-time PINs, call or SMS messages, authentication apps, tokens, smart cards, USB keys or QR codes.
- You can implement MFA without requiring customers to opt in to activate it. That’s why it’s silent and entirely seamless.
- It delivers significant benefits for customers, being simple to use while maintaining customer privacy.
- It works on all devices, everywhere, and provides high assurance authentication across all customer accounts.
- It integrates seamlessly with your current IAM platforms, including Microsoft and Auth0.
- It is the foundation for evolving passwordless and verifiable authentication methods and aligns with the emerging opportunities of Web3.
Ultimately, Haventec Silent MFA delivers the business benefits of simple to use and high assurance authentication without creating usability issues, introducing new threats, or slowing down business.
Doing right by your customers and leveraging the latest in MFA technology has never been more important. To learn more about Silent MFA, please join Haventec’s webinar.