Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Bring Your Own Authentication is upending online security practices

Geoff Sanders | April 25, 2017
BYOA allows consumers and businesses to employ a variety of authentication methods that are simple to setup and convenient to use

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.


Seeing the success of the Bring Your Own Device movement, a cadre of leading companies are starting to explore if a similar approach can be used to address the authentication challenge. If BYOD essentially makes the device a proxy for the work environment, can that same device serve as a proxy for customers online?

This new movement, known as Bring Your Own Authentication (BYOA), holds the same promise of reimagining the way we think of authentication, putting the consumer (and device) front and center in the interaction, and relegating passwords to the background or eliminating them completely. But there are challenges to overcome in order for mass adoption.

Passwords have never been more risky or ineffective, and the traditional strong authentication methods employed by the masses to reinforce this legacy form of authentication are both cumbersome and inadequate.

As their effectiveness continues to wane, multifactor authentication (MFA) continues to rise as the new holy grail of consumer security. MFA is the practice of using multiple types of authentication factors – such as a fingerprint scan (an inherence factor), PIN code (a knowledge factor) or proximity of a specific device (a possession factor) – in conjunction to authenticate the customer.

Fortunately, consumers are already growing accustomed to using multiple methods of authentication with mobile one-time passwords (OTP) commonly employed on top of passwords to access all types of accounts—everything from online banking accounts to mobile wallets to social media profiles.

But while creating a layered defense, MFA can also create friction – after all, multiple methods of authentication can create multiple opportunities for confusion, frustration and administrative headaches.

Enter BYOA, which allows consumers and businesses to employ a variety of authentication methods that are simple to setup and convenient to use. The key is decentralizing the authentication layer onto the device.


How to Bring Your Own Authentication

Much as companies establish BYOD policies around specific devices they will support, in BYOA the business establishes policies dictating the amounts, types and methods of authentication employed by their end users at any specific time – methods such as device signature, fingerprint scan, geofencing or even Bluethooth proximity (e.g. one or more Bluetooth devices like an Apple Watch or a FitBit are within proximity to the consumer).

Consumers link their mobile devices to their account and choose their preferred authentication method(s) for any given transaction. Businesses can also instantaneously push authentication requests to consumers to obtain their authorization for remote login and logout, real time transaction approval, and on-demand identity verification for websites, mobile apps, kiosks, and other online systems. As warranted, businesses can dynamically adapt the level of authentication required in real time. For instance, a login might require a certain type of authentication (is the device known?), but a transaction might require a more stringent type of authentication (fingerprint scan coupled with geofencing).


1  2  Next Page 

Sign up for CIO Asia eNewsletters.