User forgetfulness drives preference for biometrics over passwords

1 year ago 77
BOOK THIS SPACE FOR AD
ARTICLE AD

More than half of consumers have had to reset their password at least once a month because they struggle to remember it, with just 6% describing this form of authentication as safe. 

Instead, 53% believed fingerprint scans were more secure than passwords, while 47% chose facial recognition, revealed an Entrust Cybersecurity Institute study that polled 1,450 respondents across 12 global markets. These included France, the US, and the UK, as well as 400 respondents from four Asia-Pacific cities in Singapore, Australia, Japan, and Indonesia.

Interestingly, 41% saw 4- or 6-digit PIN codes as more secure than passwords. 

The survey revealed that 51% reset their password at least once a month because they could not remember it, including 15% who did so weekly. 

Across the four Asia-Pacific markets. 41% admitted to resetting their password at least once monthly while almost 10% did so weekly. Presented with a choice between biometrics or passwords, some 75% would opt for the former at least half the time, while a third would choose biometrics whenever available. 

Globally, 58% would choose biometrics over passwords at least half the time and 33% would always do so, with 16% saying they would never select biometrics.

Amongst those who opted against doing so, a third described biometrics as more cumbersome than passwords, while 22% said their devices did not support this form of authentication. Some 17% pointed to security concerns over biometrics. 

"There's no one right way for organisations to authenticate customer, employee, or citizen identity," said Entrust's chief information security officer Mark Ruchie. "It's always a tradeoff between providing relatively frictionless access experiences and incorporating safeguards that confirm users are who they claim to be. The authentication methods you employ can, and should, change depending on the circumstances, like the sensitivity of data users are accessing, whether you're serving customers or employees, or if atypical login behaviours are exhibited." 

Acceptance over loss of data control

The study also uncovered some interesting revelations about consumers' attitudes towards ownership of their digital credentials and personal data. 

Below half, at 45%, believed they owned their personal information. Some 28% said their data belonged to whoever controlled it, while 27% said ownership belonged to the issuer. 

These sentiments might relate to how respondents felt about data control, with 74% noting that sharing their personal information was unavoidable in order to access goods, services, and applications. 

Asked if they felt comfortable entrusting their online identity with organisations they trusted to improve user experience, 54% said they would be. However, 46% felt otherwise, saying they should be the only one with ownership of their digital identity. 

In Asia-Pacific, 75% also agreed that sharing their personal data in order to access products and services was unavoidable. Half would be comfortable with trusting organisations to own and store their digital identity, while the other half were not. 

To help them feel more in control of their data, 42% across the globe pointed to the ability to revoke access, while 32% would want to know the organisations that had access to their personal information. Another 30% would want to know the organisation's privacy policy and 19% said mail should not contain personal data. 

Asked if they had a form of electronic identity, 43% said affirmatively while 36% said no. Some 21% were not sure if they had one, which Entrust said might suggest that not all respondents in the US, for instance, were aware their government had been automatically issuing digital passports to all holders since 2006. Just 27% in the country said they had an electronic identity. 

Across the board, 70% would use a digital form of government-issued ID if available, with the majority citing convenience as the top benefit. However, while 49% said enhanced security was the reason they would use an electronic ID, 45% cited security concerns as the reason they would not do so. Another 36% pointed to identity theft as their concern for opting against a digital ID. 

In Asia-Pacific, about 20% were unsure if they had an electronic ID, though, 70% would use a government-issued one if available. 

Noting that both digital and physical identities had their challenges and benefits, Entrust COO Anudeep Parhar said: "It's not a zero-sum game. Offering consumers access to both formats affords them the flexibility to choose what works best for them or for a given situation."

RELATED COVERAGE

APAC consumers share more data, but will ditch firms over security breachHalf of APAC firms bypass processes to accommodate remote work
APAC consumers believe onus on businesses, governments to safeguard their dataAPAC consumers have concerns about online privacy, but let it go for freebies
APAC firms need to build trust, brace for more third-party attacks
Read Entire Article