Robert MacDonald, Vice President of Product Marketing, 1Kosmos
Bangalore (Karnataka) [India], May 27: VP Product Marketing, 1Kosmos, Robert MacDonald, speaks about redefining digital security with 1Kosmos’s pioneering identity first approach to passwordless authentication to combat cyber threats, the inspiration behind adopting this approach, and the benefits it offers compared to traditional password-based authentication.
Q- Can you explain the concept of passwordless authentication?
Passwordless authentication is a method of verifying a user’s identity without requiring a password. Instead of relying on a secret password that can be guessed or stolen, passwordless authentication utilizes other factors to verify the user’s identity, such as biometric data (e.g. TouchID, FaceID or facial recognition biometric), hardware tokens, or public key cryptography.
This approach eliminates many of the security risks associated with passwords, such as weak passwords, password reuse, password sharing and password theft through phishing attacks. Passwordless authentication also simplifies the login process for users, reducing the burden of remembering multiple complex passwords.
Q- What inspired you to move towards passwordless authentication?
The current approach to authentication places the security responsibility on the user, and to make matters worse, the user experience is terrible. Our goal was to improve the user experience and improve security. Doing both would eliminate password based attacks and reduce fraud.
Authentication is the first step to secure user accounts. We now provide organizations a strong multi-factor authentication platform to secure any point of access while giving users complete control over transaction approval and access to their information.
Q- How do you plan to implement passwordless authentication in an organisation?
1Kosmos innovative solution combines identity proofing and authentication to remove friction during user onboarding and then gives those users a convenient non-phishable biometric-based authentication experience that enables organizations to confidently phase out passwords eliminating most account takeover and fraud.
Q- What are the benefits of passwordless authentication compared to traditional password-based authentication?
Improved Security: Passwords are prone to security risks such as theft, phishing, and brute force attacks. Passwordless authentication eliminates these risks by using more secure and reliable methods, such as biometric data, hardware tokens, or public key cryptography.
User-Friendly: Passwordless authentication is more user-friendly than traditional password-based authentication, which often requires users to remember and manage multiple complex passwords. Passwordless authentication simplifies the login process and reduces the burden on users.
Cost-Effective: Passwordless authentication can be more cost-effective in the long run, as it eliminates the need for password resets, account lockouts, and other support-related costs associated with password-based authentication.
Regulatory Compliance: Passwordless authentication can help organizations meet regulatory compliance requirements, such as GDPR and PCI-DSS, by providing a more secure and reliable authentication method.
Q- What are the potential drawbacks of implementing passwordless authentication?
The drawbacks can depend on the service provider in many cases. However, there are XX considerations:
Limited Compatibility: Not all systems and applications support passwordless authentication, which could limit its compatibility with existing systems and increase the cost of implementation.
User Privacy: Some users may be concerned about the collection and storage of their data, as it could potentially be used for other purposes or compromised in a data breach.
Cost: Implementing some forms of passwordless authentication may require additional investment in hardware, software, and training to ensure a smooth transition.
Vendor Lock-In: In some cases, passwordless authentication can rely on a single platform or device, and in such cases, users would be bound to a passwordless authentication on that platform or device only, limiting the user authentication capabilities.
All or Nothing: When transitioning to passwordless, organizations may be forced to perform a hard switch. Meaning, one day users log in as they have and the next day is a passwordless experience. The sudden change can cause havoc with users who are underprepared.
Q- How will you ensure security in passwordless authentication?
1Kosmos takes an elegant approach to secure passwordless authentication. We verify the user’s identity and match the user’s biometric captured at enrollment, at every authentication request. The user’s biometric is bound to a public / private key pair, so the biometric can’t be spoofed, the session can’t be compromised, and the biometric cannot be stolen. Every access attempt physically verifies the user identity leaving no chance for impostors to log in.
Q- How will users be able to reset their password if they forget their passwordless authentication method?
The 1Kosmos platform comes with several convenient features, such as password reset for legacy or other systems that cannot support a passwordless workflow. Our password reset feature can utilize a user biometric to ensure the validity of the request is coming from a verified user.
Q- How will you measure the success of passwordless authentication implementation in an organization?
There are many ways we measure the success of a 1Kosmos deployment with our customers. These four stand out:
User Adoption: We look to track the percentage of users who have adopted passwordless authentication. A higher adoption rate indicates that users are finding the new authentication method easy to use and more secure.
Reduction in Help Desk Calls: Passwordless authentication can significantly reduce the number of help desk calls related to password resets and lockouts. A reduction in these types of calls is a good indication that users have adopted our user experience.
Cost Savings: The reduction of authentication platforms, hardware tokens, password resets, and other related costs.
User Feedback: Lastly, and maybe the most important, is feedback from users on their experience with our passwordless authentication experience.
Q- How will you handle legacy systems that do not support passwordless authentication?
We recognize that not all platforms can support a passwordless experience. That’s why we have well over 50 out-of-the-box connectors, open APIs, and a robust SDK. We can implement a consistent authentication experience from our app to authenticate a user with a traditional MFA workflow, the same app they’d use to authenticate passwordless. Our platform can ensure long-term interoperable solution viability and improve return on investment by reducing overall management costs.
Q- Will you still offer traditional password-based authentication for users who prefer it? If so, how will you ensure the security of both methods?
YES! Coexistence is a deployment we believe strongly in. Offering a coexistence strategy for deployment will provide a side-by-side login experience where users can choose to log in as before (username and password+2FA) or passwordless. Allowing users to choose when to make the switch will improve the acceptance rate, and as laggards see the experience others have adopted, their move to passwordless will be out of excitement and curiosity vs resentment and resistance.
If you have any objection to this press release content, kindly contact [email protected] to notify us. We will respond and rectify the situation in the next 24 hours.