PayPal’s Technology Evangelist and Senior Policy Advisor, Bill Smith, has written a new essay calling for the end of the password. While he certainly isn’t the first to do so, Smith brings together a number of recent trends and developments to show how the time is ripe to move on to more advanced and easy-to-use security systems.
Smith highlights biometrics as the major security solution to replacing the password. He credits Apple’s Touch ID with helping to popularize biometric authentication in the mass market – much to his credit, given that his employer is a major rival to Apple in the mPayments space, where powerful digital authentication is badly needed for transaction authorization. Indeed, Touch ID has led numerous other competitors to integrate fingerprint scanners and other forms of biometric authentication into their own mobile devices, with fingerprint sensors now more-or-less standard features on new mid- and upper-range mobile devices.
Smith also points to the important work of the FIDO Alliance, which has helped to establish authentication standards that are relevant to today’s technology. He asserts that FIDO has worked with major industry players to develop advanced security specifications that enable the implementation of “easy-to-use, secure, and privacy respecting mechanisms for authenticating users,” and he applauds additional requirements for “local authentication, no biometric data on the wire, no protocol artifacts that can be used for cross correlation, and asymmetric encryption.”
Going forward he argues that the early adopters implementing these standards now will have a first-to-market advantage later, given their “deployment experience and the ability to rapidly switch from password to password-less.” It’s an encouraging prediction for companies trying to kill the password today, and it’s well worth reading the full essay at CircleID.