People would not expect to bring a server to work, yet the concept of ‘bring your own device' (BYOD) is about taking authentication home with you.
Phil Dunkelberger, CEO of Nok Nok Labs, told SC Magazine that an authenticator "follows you around" and that "it is not about the device, it is about the person at the keyboard".
He said: “You don't bring the authentication server home and your device to work. Industry is missing the point and we have to use these things.”
“Authentication is built on a 50-year-old construct and users have figured this out and are smarter than the suppliers, yet we keep using a construct that is fragile, broken and doesn't work. We know it is a problem, and we understand consumers know this too.”
According to research by Nok Nok Labs and the Ponemon Institute of 1,900 consumers, 60 per cent would use a multi-purpose identity credential for access to data and systems, with UK and US respondents citing the convenience of this.
The research found that 71 per cent of respondents were frustrated with the current model, as transactions are blocked and systems are not easily accessed. Dunkelberger said that the problem is that there is too much talk about technology and not about people.
Further, 41 per cent of UK respondents were comfortable with the use of biometrics as an authenticator, while 85 per cent opted for voice recognition as a method, 65 per cent a facial scan, 59 per cent hand geometry, 60 per cent fingerprints and 51 per cent an eye scan.
Dunkelberger said: “Did Minority Report not scare these people? People trust biometrics and we see a mismatch with systems for authentication and form factor. Ease of use is the biggest driver but security is close to it.
“We are getting better at authentication, but the ecosystem is broken and the backend is not conversing. We are not thinking through what the customer experience is and it is getting worse. You have got to use what you have, but people want to use what they have everywhere.”
Dunkelberger claimed that BYOD will "begin, middle and end with authentication" but no one can do a one-size-fits all technology solution.
“Security begins with authentication and a supply level of service comes to play. Authentication is where I make decisions, figure out devices and at the point of authentication, you can circumvent security issues to give the capability to do the job,” he said.
“It is about strong authentication, to make decisions on the strength of it and the threat of being blocked shows the level we have got to play at. With a single credential, the fact is that it is more portable and you don't need anything more.”