APRIL 2018 | CIOAPPLICATIONS.COM | 9

employees. We knew that multi-factor authentication was a smart approach. Initially, we used physical smart cards. This kind of authentication is much more secure, but it still didn't give people a smooth user experience. Additionally, the smart cards require infrastructure (a card reader in each hardware device), which can be challenging to implement. Further, while smart cards are more secure, they are still prone to being lost or forgotten.

To side-step the usability challenges of smart cards, we've now started a journey focusing on a nearly friction-free experience, by using nature's most unique characteristics: biometrics. There is a range of biometric-based technologies that allow people to use fingerprints, iris scans, facial recognition and even heartbeats to authenticate their identity. These technologies are easier to use, more accessible for the needs and preferences of the person and are significantly harder for criminals to exploit. We can leverage the same technology as a smart card but use the person's biometric identifier as the equivalent of a 4- or 6-digit PIN.

Using biometrics as part of the multi-factor authentication process boosts security by making it more difficult for hackers to steal a person's identity. The criminal would need both the user's device and their biometric to access data. The biometric image is never stored on the device. The technology we use converts the biometric image to a numeric representation that is irreversible and secured on the device, so the identity of the person is always within their control.

Right now, about two-thirds of the people at Microsoft have the ability to log into our network by using a biometric identifier. There is a process for incorporating this technology across our organization and that requires some time, which is why we're not totally password-free yet.
It's worth noting that this approach only works when there is a deep integration between the hardware and the software. I truly believe that the effort involved is worth the work because the final result delivers strong, tangible benefits: 1) a great user experience (which means that people will actually follow the procedure); 2) lower operational costs, because there are fewer (or zero) calls to the help desk for resetting passwords; and 3) better security.

We're not the only company on this journey. We're collaborating with our peers within the technology industry via the Fast Identity Online (FIDO) Alliance to help propel the adoption of this approach more broadly. We've built a blueprint for the technology and shared it with hundreds of companies, some of whom are rolling out the technology now. Companies who are interested in adopting this approach should work with FIDO to learn more. We are optimistic that this innovation will become more widely adopted and, as it is deployed more, people will be safer.

It's worth noting that there is no single security step that will protect you or your business from everything, including eliminating passwords. It's imperative that businesses and individuals update their software regularly and, ideally, use operating systems that update automatically. Everyone should practice safe online habits and hygiene, avoid clicking on emails, links and attachments from unknown sources and back up all their data.

I will continue on my quest to eliminate passwords. In addition, I will also continue to work for solutions to security problems that offer as much promise as our hope for getting rid of passwords: a better user experience and a superior level of security. It's a good thing and I like hard challenges.

Bret Arsenault