Following the prolonged hiatus imposed by COVID-19, Nevis Security AG is finally participating in trade fairs once again. The secIT event in Hanover was the security company’s first highlight of the year. CEO Stephan Schweizer was also in attendance and gave a talk on the advantages of passwordless authentication. Read more about it here.
Nevis takes part in secIT 2022
123456, password, 12345 and hello. No, these are not typos but rather the most popular passwords of 2021. To put it mildly, this reflects very poorly on anyone who actually wants to protect their data properly. Nevis Security AG highlighted this issue once again at this year’s secIT event – where it encountered a very interested audience. With its passwordless solutions for logging in online, the security expert is setting a good example and showing how companies and private households can protect their data reliably and easily.
Passwordless authentication – what’s it all about?
The ‘normal’ login familiar to us all is the traditional password. When the login screen on a website opens or if we want to log in to an app, we use this combination of words and numbers to log ourselves in. Unfortunately, this approach is becoming increasingly risky, as Nevis CEO Stephan Schweizer knows only too well: ‘I’m afraid the numbers speak for themselves. Roughly 80 per cent of successful hacker attacks are based on stolen credentials or login information, usually in conjunction with credential-stuffing attacks. These highly automated attacks involve trying out large volumes of passwords purchased on the Darknet until they work. Depending on the industry, the potential damage can be enormous. Yet it doesn’t have to be this way – because the highly efficient technology to counter these attacks is readily available.
Protected by your own biometrics
But how do we log in without using the ‘traditional’ password? The solution is simple. Our own facial biometrics can help prevent an ‘account takeover’. Here, the entire focus is on verifying one’s own identity. Generally speaking, a distinction is made between four types of authentication procedures. They are based on the factors of possession, knowledge, location and biometric characteristics. For example, a user can ‘possess’ an identified device, have ‘knowledge’ of a password, login from a specific ‘location’ and IP address and have a unique fingerprint. Combining these means of identification features largely ensures that the person trying to access online resources is actually who they claim to be. The more sophisticated the MFA, the more secure the system. However, it is important not to sacrifice user-friendliness. Multifactor authentication ensures maximum user-friendliness because biometric processes such as facial recognition or analysing a user’s typing behaviour require neither time nor effort.
Multifactor authentication (MFA) is a security mechanism that uses more than one necessary security and validation procedures to authenticate people. After all, authentication that relies solely on a username and password is not secure and is vulnerable to hacker attacks.
The economic advantages for companies
Passwordless logins are not only more secure for all participants, but also have a positive impact on the financial situation of companies, says Stephan Schweizer: ‘The experience of our customers shows that passwordless authentication – itself relying on biometric mechanisms and open standards – leads to greater user interaction. Some of our customers reported that user interaction more than doubled after they introduced the solution. This had measurable effects on the revenue side. On the other hand, this type of login minimises the running costs for companies’.