Single sign-on is a monumental gift for fraudsters
Imagine your home. It contains your cherished possessions, loved ones, and invaluable information about you and your family. It’s likely to include financial information, pay stubs, where you work, credit card statements, and even your purchasing habits.
Now imagine if there was only one layer of security between your home and a burglar. This unfavourable situation is where we find ourselves when it comes to fraud prevention, in the age of mobile devices.
The convenience of single-sign-on authentication for payments and other apps is it allows users to access multiple accounts by using the same password and username combination. While the helpfulness of this is clear, this is a gift of monumental proportions for fraudsters.
Single data points used for authentication continue to be the greatest point of failure in the secure authentication chain. Many companies have placed the trust of authentication in a username or password by binding the user’s credentials to a device. While these are effective means to stop the novice fraudster, these controls continue to fall short at the times they are truly needed.
This situation is only further complicated by the rise in mobile devices hosting a variety of accounts. As users of smartphones tend to be younger and will use devices at a greater speed, the chances of these devices being compromised are on the rise.
There is a greater likelihood of an individual clicking on a piece of malware via a mobile device than a laptop, and this, in turn, provides issues for the amount of single-sign-on applications and accounts often located on a mobile device; these two combining factors are essentially a fraudster’s dream.
A change in tactics is needed for both consumer and business accounts to remain safe. The use of single-sign-on authentication is plainly not working, so a bold step into a new, trusted environment is required. This trusted environment can only be achieved through a holistic, risk-based authentication infrastructure that looks across multiple vectors of the user’s behavioral interaction such as device, connection, behavioral analytics and passive measures.
Using biometrics to power a dynamic and intelligent step-up authentication system will allow organizations of all kinds to avoid the risk of authentication fraud while ensuring that their valued customers continue to receive a great experience without roadblocks.
These methods use cutting-edge technology to pinpoint with near 100% accuracy the validity of a user. The angle at which a mobile is held and the speed at which characters are typed are cross-referenced with device, location and user information to build up an complete and accurate picture.
So, as we continue our move to a digital-first world, where huge swathes of our economic and social lives are housed in our online accounts (both business and personal) a switch to the world of passive behavioral biometrics could make the fraud that has plagued our online lives for as long as we’ve been online, a thing of the past.