People now prioritize security over convenience when logging into applications and devices, while younger adults are increasingly eschewing traditional password hygiene in favor of biometrics, multifactor authentication and password managers to improve their personal security.
Those are the key findings of a new study from IBM Security examining consumer perspectives around digital identity and authentication in Europe, Asia Pacific and United States. IBM Security says that with millennials quickly becoming the largest generation in today’s workforce, these trends may impact how employers and technology companies provide access to devices and applications in the near future.
Overall, respondents recognized the benefits of biometric technologies like fingerprint readers, facial scans and voice recognition, as threats to their digital identity continue to mount.
Some key findings from the study:
- Security outweighs convenience: People ranked security as the highest priority for logging in to the majority of applications, particularly when it came to money-related apps.
- Biometrics becoming mainstream: 67% are comfortable using biometric authentication today, while 87% say they’ll be comfortable with these technologies in the future.
- Millennials moving beyond passwords: While 75% of millennials are comfortable using biometrics today, less than half are using complex passwords, and 41% reuse passwords. Older generations showed more care with password creation, but were less inclined to adopt biometrics and multifactor authentication.
- APAC leading charge on biometrics: Respondents in APAC were the most knowledgeable and comfortable with biometric authentication, while the US lagged furthest behind in these categories.
The evolving threat and technology landscape has created widely-known challenges with traditional log-in methods that rely heavily on passwords and personal information to authenticate our identities online. In 2017, data breaches exposed personal information, passwords, and even social security numbers for millions of consumers. Additionally, the average internet user in America is managing over 150 online accounts that require a password, which is expected to rise to over 300 accounts in coming years.
“In the wake of countless data breaches of highly sensitive personal data, there’s no longer any doubt that the very information we’ve used to prove our identities online in the past is now a shared secret in the hands of hackers,” said Limor Kessem, executive security advisor at IBM Security. “As consumers are acknowledging the inadequacy of passwords and placing increased priority on security, the time is ripe to adopt more advanced methods that prove identity on multiple levels and can be adapted based on behavior and risk.”
Future of identity
Analysis in the report reveals that attitudes regarding authentication vary widely, and while acceptance of newer forms of authentication like biometrics is growing, concerns persist – particularly amongst older generations and people in the US.
IBM advises organizations to adapt to these preferences by taking advantage of identity platforms that provide users with choices between multiple authentication options – for example, letting users toggle between a mobile push-notification, which invokes fingerprint readers on their phone, or a one-time passcode. Organizations can also balance demands for security and convenience by using risk-based approaches that trigger additional authentication checkpoints in certain scenarios, such as when behavioral cues or connection attributions (device, location, IP address) signal abnormal activity.
The study was designed with Ketchum Global Research and Analytics, and is available for download here.
Alternately, here’s the infographic version.