Many companies put us through multiple steps of verification to grant us access to their services. Everyday we go through identification, authentication and authorization processes and we may not even realise the steps that we are taking to log into an account. The need to prove the user’s identity is dictated by security reasons. With the rapid development of information technology, what we consider strong security can change. What was considered secure in the beginning of this century is no longer the safest option in 2021. The internet has evolved and security procedures need to change with time.
In environments that are secure, authentication always proceeds authorization. Firstly users confirm that their identity is true and then receive access to the requested resources. There are many different types of authentication. Different companies may require different credentials to confirm the user’s identity.
The most popular form of authentication is a password. If a user enters the correct data: username and assigned to its password the system considers the identity of a user as valid and grants access. The first time that a password was used as a security feature was in the 1960s at MIT. Even though it is the most popular solution it is not the safest. People tend to use passwords that they can easily remember. Among the most popular are “123456,” “qwerty,” and “password.” While these are easy to remember for the users, those are the first possibilities that a hacker would try to get into an account. More than that, passwords are stolen from servers every day and single factor authentication does not protect us from a hacker that already knows our password. What is even worse with accounts on every platform, it is becoming more difficult to remember a separate password for each account. So to make things more easy users recycle their passwords and use one for multiple accounts.
In the past years, we’ve seen an increasing amount of websites losing personal data of their users. The safer option of authentication uses more than one method to verify the identity of a user. This is called two-factor authentication. The method that requires at least two or more methods of authentication is called multi-factor authentication. Categories of the methods can be grouped into:
When a password and a username were not enough, the first attempts at multi-factor authentication were security questions. They were mostly used (and sometimes still are) as a method of recovering forgotten passwords. Questions that were often used were asking about the name of your first pet, name of your childhood friend or a favourite book. However security questions were easy to crack, especially if a potential hacker had knowledge about the victim. Sometimes users made it easy to reset their password by using a security question that had a predictable answer.
A weak password and only a single factor authentication may result in a hacker taking over an account or even damaging your device with a virus. Data theft can be another threat. Nowadays we store a lot of our information online, like pictures, documents and videos. Sometimes embarrassing ones that we would not want to be seen by the public. They are often protected only by a weak password. Poor security choices may also cause your identity to be stolen. That’s why it is important to trust companies with top security measures that comply with the highest standards of GDPR, like video verification. Fully-Verified offers video verification services supported by technology and artificial intelligence. An additional security measure is a human operator that checks each verification.
Future user authentication may be based mostly on passwordless methods. Relying on tokens, certificates, phone applications or even biometrics. Human characteristics like fingerprints, iris scanning or face recognition are starting to be used widely to authenticate users identity. In the future more methods may be popularized like typing speed or patterns and gair recognition. What is certain is that passwords were always considered to be weak security features. To protect your data and increase security it is recommended to use multi-factor authentication.
Fully-Verified was created as answer to its founders collectively losing over $150 000 to various types of fraud in their eCommerce businesses.