Authentication
Protecting access to data and verifying the user identities requesting that access is central to any security initiative. Originally, user authentication was primarily used to protect remote access to corporate data, but there are now other reasons for the increasing need for strong authentication across the organisation.
Real-time access to information offers benefits in terms of new business opportunities, cost efficiency and customer service. More and more companies are recognising this and are increasingly offering web-based customer portals and business applications to enable their customers to manage their accounts around the clock. Mobile access - especially via smartphones - provides customers with equivalent access and often even better functionality through their customised applications.
The status quo of authentication
Despite the fact that password-only authentication offers inadequate security, the use of a single password remains the most common method of verifying user identity. However, this method, once considered "free", incurs high administration and support costs over time. According to the Help Desk Institute, around 30 per cent of all help desk calls are related to password resets, costing between €25 and €50 per call.
With new authentication solutions constantly appearing on the market, organisations face a real challenge when it comes to choosing a suitable strategy for strong authentication. Access to internal company resources is still primarily protected by hardware authentication components. However, the mobility of employees and the use of smartphones and tablet PCs are leading to an increasing need for software authentication components. For portals with customer access, risk-based or knowledge-based authentication are usually used as security mechanisms, as these are user-friendly and easily scalable for a large number of users.