Most organisations are good at automating, authorising and auditing identity, but they fall short when it comes to authenticating identity.
So said Mark Eardley, channel manager at SuperVision Biometric Systems, in a keynote address at the ITWeb IDentity Indaba, held in Johannesburg this week.
According to Eardley, the conventional methods of authenticating identity - cards, PINs and passwords - are inherently insecure.
“There are fundamental failures in user authentication among these methods, which are fuelling modern cyber crime,” Eardley said. “They are not secure because cards, PINs and passwords are routinely lost and forgotten, as well as shared and stolen.”
Giving examples where these authentication methods proved futile, he pointed out that the Postbank had R42 million stolen from it in January this year, while FNB lost R27.3 million the following month thanks to weak user authentication methods.
“Cards, PINs and passwords can either be valid or invalid, that's it. They are also non-restrictive or non-specific. They do not identify people and they can never authenticate,” he explained.
He suggested that, in the face of the threats posed by these conventional methods, organisations must adopt the latest identity and access management solutions, like biometrics.
“It is not the strongest of the species that survives, nor the most intelligent. It is the one most adaptable to change,” he said, quoting Charles Darwin.
He also pointed out that SA is a world leader in biometric applications, boasting 75 000 Morpho scanners at different organisations.
“Biometric technology cuts losses and risks caused by the loopholes in cards, PINs and passwords.”
Share