Phishing gets stealthier: 4 ways to defend your brand
Phishing attacks are stealthier than ever, putting brands and their reputations at risk. Find out four ways to fend off fraudsters.
There’s a global password problem, and tech has a solution: The development of passkeys, also known as FIDO multi-device credentials, was announced by the FIDO Alliance in March of 2022.
What sort of havoc are passwords causing, you wonder? Here’s some data surrounding passwords and cybersecurity risks:
Passkeys are alternatives to passwords. Passkeys allow users to login to digital accounts and apps across different browsers and operating systems using biometric or device authentication methods like Face ID, fingerprint sensors, PINs, or patterns.
Passkeys can replace both passwords and SMS codes to meet multifactor authentication requirements in a one seamless step – meaning you can sign in to all of your online accounts from Gmail to iCloud to Netflix without ever again having to remember the password for each.
Example of how passkeys work in the wild
A primary use case for passkeys is when a user signs into an app or website, then approves the sign-in using the same biometric FaceID, TouchID, or PIN used to unlock the device versus using a less secure username or password.
In the simplest terms for the user, the passkey process looks like this:
Simply put, “passkeys stand to take passwords out of play for the vast majority of consumer use cases,” says Andrew Shikiar, Executive Director and CMO of FIDO Alliance, as he outlined the ways that FIDO authentication is playing a role in helping to improve the state of identity today at the Identity, Authentication, and the Road Ahead Cybersecurity Policy Forum in Washington, D.C. earlier this year.
Phishing attacks are stealthier than ever, putting brands and their reputations at risk. Find out four ways to fend off fraudsters.
An evolution of FIDO2 and WebAuthn, passkeys aim to solve security problems with passwords – particularly when it comes to large-scale consumer utilization and mobile workforces.
TechCrunch documented how Twilio and Cloudflare suffered major hacking attacks in late 2022. Twilio employees were targeted via text message and tricked into handing over their corporate login credentials and two-factor codes from SMS phishing messages that purported to come from Twilio’s IT department.
Fast forward to today and you can understand why experts are predicting a rise of passkey usage, as the number of cyberattacks targeting those organizations that continue to use traditional multi-factor authentication continues to rise.
Major tech players like Apple, Google, and Microsoft are committed to expanding support and availability of passkeys, with the FIDO Alliance offering users two new capabilities for even more seamless and secure passwordless sign-ins:
Passkeys are a powerful and effective way of keeping user data secure, while also providing a better user experience in the digital world versus passwords.