Passwordless authentication) will definitely be the next step for online accounts. It offers a better user experience and added security.
content
Currently, when we access the email account, the profile on a social network or even the user account at the bank, the first data we have to enter are the user's user and password. The accounts that require an increased security degree, besides the password also request another second authentication factor. This can be an additional code received by SMS or email, OTP (One-Time Password) or can be a cod token generated by applications such as Google Authenticator.
Password is not the guarantee of the security of an account
In a study by Transmit Security’s State of Customer Authentication, it was shown that over 50% Among the participants have disclosed to someone else's password for at least one account, while over 41% they disclosed Passwords for more than one account.
55% Of those who attended the survey they gave up to use the services of a portal or website requesting Password integration. This process is very difficult for many users. Especially the online services that require complex passwords composed of uppercase and uppercase letters, numbers and special characters.
The study has also highlighted a worrying aspect. 87.5% of users had at least once the accounts blocked following the failed authentication tests. Have forgotten the password. Of these, 92% left the online service without recovering the password.
In personal experiences as an online store administrator I have noticed how with the development of technology, users' patience is increasing. The user no longer has the patience to complete many mandatory fields when making an order online, he does not want to remember complex passwords, he does not want to wait many days until an order is delivered.
For example, if you want to lose a percentage of potential customers of the online store, let the fields compulsory “cod postal” si bifa by default “Delivery to another address”. To the first red message after pressing the button “Send your order”, many users close the web page.
In conclusion, we can say that the password of an online account has become a small stress factor. Or more stress factor if we urgently need to access an online service that we forgot the password, and the password recovery process is complex. As it is at Meta, when we have to recover the password of a Facebook account. I had situations in which Meta (the former Facebook Inc.) requested the identification document of the account holder, and so it failed to recover the password.
The biggest Advantage of authentication without password It would be first of all the user experience.
How to do the authentication without passwords in online accounts – Passwordless Authentication
There are several current alternative methods by which you can do the authentication without passwords.
One-Time Password It is the most handy alternative authentication without password. OTP It is currently used by many payment processors to confirm online transactions. Users receive through SMS or email a confirmation code valid for a limited period of time. This code must be entered in the web interface or the online application from which the transaction is made.
Push Notification It is another method that takes popularity. Currently used by services such as PayPal and Google, at the authentication from the browser, the service will send a push notification message on the application on the smartphone. The user must confirm access in the browser, but not before the smartphone is authenticated with biometric data. Thus you can do the authentication without passwords in an online account. Passwordless Authentication.
When we want to authenticate ourselves on PayPal From the browser, we have two authentication options after entering the password: “Confirm using PayPal app” and “Recive a text“
Authentication required
PayPal – auth. in browser.
As part of the PSD2 Strong Customer Authentication regulation, we need additional information to confirm it’s really you.
On SMARTONOLE we will immediately receive the push notification confirming the authentication.
At the moment PayPal also requests the password of the account, but if the transition to biometric authentication can be made, the password can be eliminated.
Magic Link It is another method of authentication without password. In the authentication process the user will receive a unique authentication link. The method is currently used by several online services as an alternative for password authentication.
Biometric authentication It is definitely the technology of the future for systems that require authentication and will be the basis for Passwordless Authentication. Apple took an important step with Passkeys Replacing passwords on iPhone, iPad and Mac with biometric authentication. Touch ID and Face ID will take the place of the passwords. It is not known how long Passkeys will become a reality, but the first and most important steps have been taken.
Ethiopia has recently launched Foundational ID, offering residents identity documents with biometric identification. In this way, the release of identity cards (ID) is made easier, the addiction to digital cards is minimized, and the new IDs with biometric data can be used both in the online and offline environment.
The Ethiopian government chose T5-ABIS BE (Biometric Engine) of the TECH5 As a solution for facial scan, fingerprint and iris scanning for Biometric identification.
In conclusion, in a few years the authentication without passwords will become available to anyone, and the processes of registering an account on an platform and authentication will be done by biometric ID.
