This is the third in our series of blog posts covering Fintech trends to watch out for in 2017. Following on from last week’s post about the exponential growth in mobile money, we look at new ways of securing your mobile device.
Even though we should know better, many of us still choose a password which is easy to guess, or use the same password for multiple websites. According to Verizon’s 2016 Data Breach Investigations Report, 63% of data breaches- where private information is unintentionally released to an untrusted party- could be blamed on a weak, default or stolen password1. This is despite most sites encouraging users to pick stronger passwords including upper and lower case letters, numbers and symbols.
As mobile money becomes an increasingly popular way of transferring money overseas, malicious parties will target mobile devices more often. So how can you secure your device?
Introducing, multi- factor authentication
Multi- factor authentication (MFA) involves using two or more credentials to access an account. It relies on three types of information: something you know, such as a password; something you have, such as a security token; and something you are, such as biometric identification (more on the latter two below). The theory behind MFA is pretty simple: if one layer of defence, for instance a password, is compromised, then the attacker must breach another one before getting into the account. This method can be used to limit access to physical locations, networks and of course mobile devices.
However, MFA requires a delicate balancing act. While people would like greater security, they also want the convenience of quickly and easily signing into an account. In this respect, mobile devices are well suited to this type of solution. Here’s why.
Security tokens are pieces of hardware or software which generate a unique password you then use to sign into your account. In the case of a mobile device, the software- known as a soft token- is installed, usually in the form of an app. All you have to do is log in and the app generates a password. The process is straightforward and doesn’t require connectivity.
Biometric identifiers are set to become a more common MFA credential in 2017. Biometric identification involves the verification of a unique physical characteristic that doesn’t change over your lifetime, such as your finger print, voice or face. A sensor stores a record of the feature and when you want to access your account, verifies it against the one on record. Many new mobile devices come with built- in sensors which can be used for this purpose.
Keep an eye out for our final blog post in this series, where we’ll explore the emergence of digital money.
Written by Sudhesh Giriyan, COO, Xpress Money