Reliance on passwords inhibits online business
A new study by the Ponemon Institute takes a deep dive into consumer perceptions around how organizations are securing their access, and what they would consider to be the ideal steps and technologies used to ensure that their personal information is protected.
The study includes results from more than 1,900 consumers between the ages of 18 and 65-years-old in the United States, United Kingdom and Germany. Key findings include:
Failed authentication thwarts online business. Approximately 50 percent of respondents were “very frequently” or “frequently” unable to perform an online transaction such as buying a product or obtaining a service because of an authentication failure on the website.
Most authentication failures happen because of the use of usernames and passwords. The majority of authentication failures happen because of forgotten passwords, usernames or a response to a knowledge-based question (such as a mother’s maiden name). Less than 50 percent of respondents said authentication failures occur because of glitches or inaccuracies within website systems or identity verification procedures.
Many consumers favor a single identity credential for a variety of authentication purposes. The majority of consumers (60 percent) would use a multi-purpose identity credential to verify who they are before providing secure access to data, systems and physical locations. The benefits of a multi-purpose identity credential are convenience (US & UK consumers) and security (German consumers).
Most respondents are comfortable with using biometrics. The majority of respondents believe it is acceptable for a trusted organization such as their bank, credit card company, health care provider, telecom, email provider or governmental organization to use factors such as voice or fingerprints to verify their identity.
Financial institutions provide the best online validation. According to respondents, the top five organizations that have the most secure authentication (in order of best to worst): banking institutions, credit card and Internet payment providers, social media, retailers, and Internet service providers.
“It comes as no surprise that we continue to see an increase in dissatisfaction from consumers when it comes to traditional authentication schemes involving usernames and passwords,” said Dr. Larry Ponemon , chairman and founder of the Ponemon Institute. “The good news is that there is a new sense of willingness to try emerging technologies and more complex identity verification systems to fix this broken system.”