Transmit Security Report: The Impact of Password on your Business.

20 Apr Transmit Security Report: The Impact of Password on your Business.

Italian version

Transmit Security is an identity experience company that from 2014, the year of its foundation, supports and continuously helps its clients in implementing strong and passwordless authentication mechanisms that reduce identity attrition and relative costs for firms.

Few days ago, Transmit Security has published a Security Report intitled “The Impact of Password on your Business – Why Passwords are to Blame for Loss of Revenue, Identity Attrition and Poor Customer Experiences”, with the aim of proving that authentication mechanisms need to move towards a passwordless future.

In fact, passwords are still widely used as an identity authentication method, and their management is still not considered a priority by most firms.

“By getting rid of password dependency, companies will be able to meet the standards of customer service that consumer have come to expect across all industries, platforms and services”, highlights the report.

There is an important tradeoff between high security levels and optimal user experience that leads to 55% of consumers to have stopped using a website because the login process was too complex, combining password requirements, multi-authentication techniques via text messages or emails, and OTP solutions. Failure to comply with these methods brings high levels of frustration to users, that find themselves to be blocked out of their own accounts. In fact, according to the report, 87.5% of consumers found themselves locked out of an online account due to too many failed login attempts.

Transmit Security’s CEO Mickey Boodaei pinpoints three main reasons that are responsible for the high number of failed logins:

1. Misspelling of passwords, due to the difficulty to comply with too many requirements.
2. High number of passwords, increased by password expiration dates.
3. Attackers trying to guess your password by brute force resulting in the uses being locked out of their own accounts due to too many attempts.

This results in consequences such as user loss (88% of users will not return to a website after a bad user experience), session abandonment (according to Mastercard, one third of online purchases are not completed at checkout because the users cannot remember their passwords), help desk and support service increase.

Moving towards a passwordless identity method would bring many benefits:

1. Users do not need to remember a big number of passwords.
2. Firms will be relieved from the high number of reset requests.
3. Providers could develop more user-friendly features, increasing customer loyalty.
4. Reduce the attacks aimed at password cracking.

Furthermore, 52% of consumers have reported to share their passwords with someone else, mainly friends, family, or partners. The high number of passwords leads to a low changing rate, since users do not want to add more strings to remember to the already long list. This means that the password is not only shared among different people, but also not changed or updated. Furthermore, there is the tendency (65% of users) to reuse the same password for different accounts. It is not difficult to understand the disastrous consequences for the cyber security world. In fact, since 80% of attacks are related to passwords, it is very likely for an attacker to try the same password for different accounts, compromising, with few characters, almost (if not all) the whole users’ digital identity.

How can a passwordless approach solve these issues?

Benefits of the passwordless approach

1. First, it will guarantee that there is only one user for each account and customize the customer experience according to the single user.
2. Since one fourth of customers will not create an account because they do not want to remember their password, a passwordless approach can boost the online market revenues.
3. 90% of consumers use multiple devices throughout the day to perform different activities, and to use the same services on different devices users must login on each one every time. This results to high stress levels, and for this reason most users abandon the services. Implementing the passwordless approach means to allow the users to enjoy a unified cross-channel experience when using multiple devices.

Transmit Security solution

The solution created by Transmit Security will cover all these issues and propose a new passwordless approach.

BindID is an app-less mobile authenticator that uses FIDO2 certified built-in device biometrics for reliable and consistent costumer authentication across different devices and channels.

The solution will leverage on the fact that a high percentage (89%) of customers trust biometric authentication equally (if not more) than password authentication.

Transmit Security’s CEO Mickey Boodaei talking about BindID says:

“BindID marks the end of an era. No multiple IDs and credentials needed for each website. No more password resets and locked accounts. For the first time ever, customers can authenticate using biometrics using just their mobile device. BindID makes authentication simple, unified and much more secure.”