72 Percent of Companies Plan to Ditch Passwords by 2025

A study has found that 69 percent of security professionals believe usernames and passwords alone no longer provide sufficient security and a majority (72 percent) predict passwords will be phased out within nine years.

The TeleSign report also shows that security professionals are increasingly turning to effective, easy to implement technologies such as behavioral biometrics and two-factor authentication (2FA) to secure user accounts.

“The vast majority of security professionals no longer trust the password to do its job,” said Ryan Disraeli, Co-Founder of TeleSign. “Thankfully, most companies aren’t resigning themselves or their users to password-only account security. They are implementing two-factor authentication in droves and newer technologies such as behavioral biometrics are emerging to address many of the concerns developers have around adding new tech to their applications.”

More findings from The Future of Account Security Report include:

Trust in passwords is waning, most companies plan to do away with them

Sixty-nine percent of security professionals believe usernames and passwords alone no longer provide sufficient security
Seventy-two percent believe their company will do away with passwords by 2025.

Poor security can lead to increases in fraud, having multiple impacts

Ninety percent of companies experienced fraud in the past 12 months, of which 97 percent felt the impacts.
Seventy-nine percent are extremely or very concerned about account takeovers (ATOs), and with good reason. Costs were higher for companies who had experienced ATOs in the past year — with 51 percent experiencing financial losses, 42 percent experiencing loss of customers or users, 42 percent experiencing damage to the company brand and 45 percent experiencing increased employee time to correct the fraud.

Behavioral biometrics and 2FA increase account security and are on the rise

Nine in 10 companies say behavioral biometrics would be extremely or very valuable for increasing security and 8 in 10 say it would increase security without degrading the user experience.
More than half of companies (54 percent) plan to implement behavioral biometrics in 2016 or later.
Eighty-five percent of companies will be using 2FA within the next 12 months, with four in ten already using it for their consumer accounts and another four in ten planning to adopt it in the next year.
Ninety-two percent of security pros agree two-factor authentication significantly increases account security on top of passwords.

Online fraud remains a top concern for companies, with 86 percent reporting they are extremely or very concerned about authenticating the identity of web and mobile app users. In the past year, 9 in 10 companies have experienced fraud and almost 8 in 10 (79 percent) are concerned about account takeovers (ATOs), which occur when unauthorized access is gained to a web or mobile end-user account – often due to stolen credentials, weak passwords or bot-based attacks. Overall, the impact of fraud remains high, with 42 percent of companies saying they experienced financial losses and 45 percent experiencing increased employee time to correct the fraud.

“The business of fraud has become public enemy number one for mobile and online companies,” Disraeli added. “Cybercrime such as account takeover is affecting businesses of all sizes by incurring financial losses, loss of customers and users and ultimately brand damage. In order to address the failing password, enterprises need to add additional account security technologies to keep user accounts safe. Behavioral biometrics technology and two-factor authentication are emerging as leading candidates to bridge the gap.”