It is 2023, and you might think that by now, we have figured out how to protect ourselves from the cunning tactics of cybercriminals. Surely, we have learned to spot phoney emails and bogus websites that are designed to steal our personal information. Right?
Wrong!
According to the ForgeRock 2022 Consumer Identity Breach Report, 2 billion data records were compromised in 2021, a staggering 35% increase over the previous year. And if that was not alarming enough, in the first quarter of 2022 alone, more than 75 million records were breached.
The truth is, despite our best efforts, phishing attacks and identity-related threats are on the rise, and they are becoming increasingly sophisticated. As the digital world is rapidly expanding and evolving, so too are cybercriminals. These cybercriminals are constantly adapting and evolving, leveraging new technologies with the aim of devising new ways to deceive us.
So, what can we do to protect ourselves in this digital age? How can we stay one step ahead of the cybercriminals who are constantly seeking to exploit our trust? Well, according to David Hope, Senior Vice President, Asia Pacific & Japan at ForgeRock, going passwordless may just be the solution.
David believes that password-based attacks have become a significant cause of data breaches, hence are no longer the most effective method of authenticating users. Passwords are not only easy to guess and cheap to acquire because people, by their very nature, make mistakes, including inadvertently exposing their passwords. Going forward, organisations need to shift away from user interactions with passwords by providing a passwordless experience across all enterprise resources, including web and mobile-based applications, workstations, servers, and other legacy infrastructure.
He was also quick to mention how ForgeRock’s Enterprise Connect Passwordless platform offers passwordless authentication methods, no code orchestration journeys, and application integrations — all the elements that businesses may require to implement a successful passwordless program.
When You Need More Than MFA
There are numerous benefits that organisations can reap by adopting a passwordless approach, to which David highlighted a few in particular:
- Cost SavingsForrester estimates that calls to a call centre for password-related issues can cost up to USD $80 per incident. By moving to a passwordless environment, organisations can reduce these costs and free up resources to focus on more strategic initiatives.
- Improved AuthenticationPasswords are a major weakness in traditional authentication methods. With the availability of biometric authentication on our phones, the security of the authentication process is significantly improved. Initial setup is required, but it can be done quickly and easily through methods such as barcode scanning or tokens, depending on the organisation’s use case.
- Seamless ExperienceFrom a consumer perspective, the passwordless experience offers a seamless, hassle-free authentication process. With no need to remember passwords, consumers can enjoy a much better customer experience. They no longer have to worry about forgotten passwords or being locked out of their accounts, giving them more confidence in the security of their personal information.
Ultimately, with the right passwordless platform, companies can say goodbye to the headache of password management and hello to a world where authentication is simple, convenient, and highly secure.
According to David, what sets ForgeRock’s solution apart from traditional MFA methods is its ability to scale its identity management platform. He added that ForgeRock’s platform offers customers the flexibility to choose between an on-prem, cloud-based, or hybrid environment, making it an end-to-end identity management platform for any type of customer. Whether it is managing workforce identity, citizen identity, or consumer identity, ForgeRock provides a comprehensive solution that is both scalable and secure.
The Senior Vice President, Asia Pacific & Japan at ForgeRock shared how over 40% of their global customers come from the Financial Services and Insurance Industries (FSI), which are arguably the most vulnerable sector to breaches and attacks. To date, ForgeRock has helped global companies like HSBC, Standard Chartered, and ANZ Bank manage a huge volume of identities, especially in high-population markets like the largest country in Southeast Asia, Indonesia.
He believes that scalability is crucial for these companies that serve massive markets, and ForgeRock enables them to manage thousands of transactions per second. These success stories demonstrate how passwordless solutions can result in reduced costs and improve security while providing a better experience for customers.
You Do Not Have To Remember Passwords Anymore
David says it is without a doubt that ForgeRock is on a mission to revolutionise the way we access our digital accounts. The company envisions a future where users never have to log in again and to achieve this lofty goal, they are taking a multi-faceted approach.
By leveraging biometrics technology found in modern mobile phones, ForgeRock is eliminating the need for traditional passwords, which are widely known to be a weak point in cybersecurity. And he believes businesses should start looking beyond passwords, sooner rather than later.
For the ASEAN leaders that are looking to improve their security outputs, David has some sound advice: He believes that identity management is no longer just a back-office function managed by technical teams. With the rise of cyber breaches and increased awareness of the real cost of losing customers, identity management has become a front-office function and a C-level discussion. David’s advice is simple: “Treat identity as a critical asset that needs to be protected and secured, while still prioritising customer experience.”
He suggests that leaders should not see security and customer experience as mutually exclusive, but instead use innovative solutions such as passwordless authentication to achieve both.
