DEV Community

Cover image for Future of Security and Authentication
SAWO Labs
SAWO Labs

Posted on

Future of Security and Authentication

Hi
I'm Siddharth from SAWO Labs

  • Passwords have been an integral part of our digital world, since time immemorial when the first computers arrived many decades ago.

  • Today, it is estimated that every employee in an organization uses an average of 191 passwords! It is beyond the average human capability to remember so many passwords, so people end up reusing the same password across many applications. This behavior explains why 80% of cyberattacks involve compromised passwords. People mash up their pet names with dates of birth and other random characters to come up with complicated passwords, still, it is a piece of cake for the advanced algorithms of hackers as they are created to identify and break these passwords within seconds.

  • So, given this double whammy of using passwords and the presence of algorithms to break them easily,

What is the future of authentication?

Multi-factor authentication

  • Multi-factor Authentication, or MFA in short, seems to be the next evolution in the world of authentication where a code is sent to an email ID or a registered phone number for an additional layer of security and verification.

  • While this process is definitely better and more secure than passwords, it is not easy to implement as it requires new hardware and systems to send authentication codes and match them.

  • From an organization's standpoint, MFA is not a cost-effective solution either because it has to pay a cellular operator for every SMS sent. This cost increases when employees have to access multiple systems as a part of their daily work.

  • Also, the growing trend of working from anywhere exacerbates this problem because it means more authentication, more complexity, and more costs!

  • Due to these reasons, MFA is more a stop-gap solution that may become obsolete when more advanced technologies for authentication take over. And this brings us to the next question. What are these advanced technologies?

Future of Authentication

  • Let's take a look at some of the emerging technologies that have the potential to change the way we access and authenticate users.

Biometrics

  • Many devices have already started using biometrics to authenticate users. Fingerprints, iris, and facial recognition have already become increasingly available at low-cost rates, thereby enhancing their use across devices.

  • That said, it is worth noting that implementing a biometric authentication is expensive as the exact fingerprint or iris pattern has to be saved and compared every time. It is time-consuming as well because it can take time to retrieve and compare, depending on where the databases are located and the speed of Internet access. Many times, it will require the use of third-party systems too.

  • Worse, these biometrics are not as foolproof as one believes as the system can be tricked.

Biometric authenticators

  • This possibility to hack into a single fingerprint or iris system takes us to the discussion of using biometric authenticators where systems use a combination of biometrics to authenticate a person.

  • These different authentication points will be automatically captured by the systems over time and these will be used in a random order to authenticate an individual. These authenticators will include behavior such as the way a user types, the speed, geolocation, and other factors that can help to authenticate a user.

  • However, the downside to these biometric authenticators will be the huge costs of storing and comparing. Plus, it will require advanced machine learning techniques and algorithms, all of which may require considerable investment in technology.

SAWO

  • Secure Authentication Without OTP (SAWO) is a breakthrough technology that is expected to play a big role in future authentication because it is simple, effective, safe, and cost-efficient.

  • This one-step process for authentication only requires users to sign up with their email ID or phone number, and the system takes care of the authentication. No passwords or OTPs are involved in this process and there are no third parties like cellular operators in this workflow. As a result, authenticating users is quick and cost-effective. The entire authentication process is completed in 0.06 seconds, making it one of the fastest authentication methods available today.

  • Also, it is secure because it uses public-private key encryption. It's important to note that this process doesn't store passwords at all, so there is absolutely no possibility for hackers to enter a system by stealing passwords.

  • Further, the entire authentication process is based on the concept of keyless passwords, a transformative process that is being touted as the next evolutionary step in the world of authentication.

  • Since SAWO scores high on speed, cost-effectiveness, and security, it is undoubtedly a part of the future and is expected to have wider adoption given that our society is moving towards an all-digital world.

Support & queries
You can join our Discord Server Community and interact with other developers and can ask for any support you require.

In case of any other query, feel free to reach out to us at community.sawolabs@gmail.com

Top comments (0)