The overwhelming consensus among the key speakers at last week's Money 20/20 event in Las Vegas: "The world of powerful, friction-free security is upon us.”
This might sound like a generic statement that security professionals have been echoing for decades. The difference today, however, is that innovative cyber attacks and data breaches are happening frequently due to weak access points created by human error.
Implementing the most powerful security solutions is an ongoing struggle because of the challenge of adopting high-security measures that can protect against such attacks. At Money 20/20, experts from the most advanced security and risk teams weighed in on the latest DDoS attacks, and how friction-free security will impact the success of stopping future attacks.
Every year, Money 20/20 attracts the largest players in the financial services sector to connect them with up and coming financial services technology products. During the first keynote, Adam Ludwin of Chain, a small blockchain startup, announced that Chain and Visa had joined forces to launch a brand new product. The momentum of the event just grew from there.
Taking Security Beyond Biometrics
The hottest topics of the conference included applying blockchain technology to daily financial services, the innovation in payments / peer-to-peer money transfers, and friction-free security measures using biometrics. I personally spoke to more than 20 biometrics companies at the conference who were looking to adopt a unique form of biometrics.
Although biometrics was one of the key topics of discussion, the real conversation focused on how to increase security and drive adoption. While everyone at the conference wanted to do away with passwords, nobody could agree on the security measure that would be most successful in doing it. Conversations revolved around face recognition, written signatures, voice and, of course, fingerprinting.
Despite the deep understanding and reflection on all of the new technologies, the challenge remained:
How will we deliver a great experience while implementing an impenetrable solution?
The Dynamic Dilemma
The closest I came to hearing an answer was during a roundtable on “Biometrics Innovation & the New Password”. While every expert on the panel identified the clear challenge of each possible solution, the consensus fell squarely on the need for an all-encompassing solution that doesn't rely solely on a biometric feature with authentication, but dynamically allows end users to choose based on the risk context.
Giving end users a choice will drive adoption, and enabling companies to identify the level of risk will remove friction for good customers. The challenge thus far has been identifying a go-to risk solution, then finding a mix of other solutions to execute step-up authentication.
While this particular roundtable spoke very clearly to the need for companies to deliver a better experience, it did not consider the evolution of cyber attacks. The most recent attack on Dyn, for example, was executed by devices like smart cameras, smart toasters and smart fridges, and customers were completely unaware it was happening.
Clearly, there is a need to evolve quickly and deliver a great experience. Having the ability to know your customer, their risk level, and how they like to engage your business - within milliseconds - is difficult. But with a combination of risk, identification, and authentication solutions, it's also quite reachable.
Combining a device-based risk solution with a dynamic step-up multifactor authentication solution checks all of the boxes.