The FIDO Alliance published its second annual Online Authentication Barometer, which gathers insights into the state of online authentication in 10 countries across the globe.
New to the Barometer this year, the FIDO Alliance has begun tracking authentication in the metaverse, and plans to incorporate utilisation of technologies like passkeys in future editions of the report.
Key findings
The 2022 Online Authentication Barometer has identified that entering passwords online has dropped by 5% – 9% across all five major use-cases that it tracks – including accessing financial services, work computers and accounts, social media, streaming services, and smart home devices – compared to last year.
Despite this, passwords remain the dominant form of online authentication and cause major issues for people and businesses. For example, 57% of consumers have logged into their financial services account by using a password in the past 60 days.
Biometrics is the second most used, but is still far less adopted at just a third of users.
Service providers and retailers also were impacted, with 59% of people giving up on accessing online services in a given month and 43% abandoning purchases because they couldn’t remember their passwords.
Data from the Barometer also shows that multi-factor authentication through SMS One-Time Passcodes (OTPs) is rising between 1% – 4% across all use-cases, as this legacy form of second-factor authentication is increasingly offered by service providers to rapidly improve consumer security and to meet regulatory requirements.
“This year’s Barometer data reveals that people see entering passwords as a pain and avoid it when they can,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance.
“Service providers realize the inconvenience and security issues with passwords and are offering more ways to authenticate such as cookies to stay logged in and/or legacy MFA like SMS OTPs.”
“However, these attempts at convenience and security are still based on outdated and phishable authentication technologies that everyone needs to move away from if we are ever going to stop the constant onslaught of data breaches.
Organisations should all have implementation of modern, phishing-resistant authentication on their roadmaps, whether it is via on-device biometrics, FIDO security keys or passkeys.”
Summary of key findings:
- Entering passwords has dropped globally – by 5% – 9% across all use-cases tracked, as people adopt more convenient ways of logging in.
- Yet passwords are still the most-used authentication method in the financial sector – 57% of users have logged into their financial services account by still using a password in the past 60 days.
- Passwords are proving costly to service providers – 59% of people gave up on accessing online services and 43% abandoned purchases in a given month.
The post Study reveals password usage still dominates financial services appeared first on Payments Cards & Mobile.
