Top 4 Authentication Findings from IBM’s Future of Identity Study

biometrics identity authentication IBM

We’ve written before about the changing face of authentication embodied by the changing public perceptions of passwords and biometrics. Recent surveys have highlighted a popular warming to fingerprints as a reliable and convenient alternative to the much reviled memorized string of numbers and letters that have long dominated identity management’s security methods.

Now, though, we have even greater proof of a sea change in authentication and identity access management. IBM Security today released the findings of the IBM Security: Future of Identity Study, in which they surveyed nearly 4,000 respondents in the U.S., Europe, and Asia Pacific (APAC). The findings indicate that the landscape in IAM is shifting not only radically but rapidly; the future may have yet unexpected demands.

Here are the top 4 findings:

1. Security More Important Than Convenience in the Public Eye

It appears the public has truly spoken on the question we asked last week. According to the survey’s respondents, security trumped over convenience as an authentication value. This trend overwhelmingly applies to banking, investment, and other financial applications: for those apps,  70% valued security in their authentication, and only 14% selected convenience. 16% selected privacy.

This defies conventional wisdom on the subject, which said that consumers would favor faster authentication measures over secure ones. Yet the only apps in which convenience was favored more highly than security were social media.  

2. Biometrics Continue to Rise in Popularity

We’ve seen in previous studies that biometrics are only seeing an increase in popularity, and IBM’s findings prove no different on that front. 67% of the respondents said they were completely comfortable with biometric authentication methods, and 87% said they would become more comfortable with it in the future.

Additionally, 44% of the respondents—the majority of those asked—ranked fingerprint biometrics as the most secure method of authentication. Passwords and PIN were considered the least secure, with only 27 percent and 12 percent respectively considering it secure.

3. Millenials Make All the Difference

The difference in the perceptions of what constitutes secure authentication between generations is staggering. 75% of millennial respondents (defined as between the ages 20-36) are comfortable with biometrics today. Less than half of millenials will follow password best practices, including using complex characters or not reusing their passwords. They are also far more likely than older generations to utilize password manager solutions. Meanwhile, closer to half of respondents over the age of 55 will use complex characters.

Interestingly, adults under the age of 24 tended to show the strongest preference for convenience in their authentication at 47%.  

4. Locations Impacts Password and Authentication Perspectives

Biometrics aren’t just gaining popularity in the U.S.; it’s part of a global authentication revolution. In fact, 61% of APAC respondents said they were knowledgeable with biometrics, as opposed to 40% of EU respondents, and 34% of U.S. respondents. 78% of those surveyed in APAC countries said they were comfortable using biometrics as an authentication method.

In fact, the U.S. might be the Luddite when it comes to authentication: 23 percent of U.S. respondents said they in no way interested in using biometrics ever, which is nearly double the global average.

Final Thoughts

We think that Limor Kessem, Executive Security Advisor of IBM Security, said it best:  

“In the wake of countless data breaches of highly sensitive personal data, there’s no longer any doubt that the very information we’ve used to prove our identities online in the past is now a shared secret in the hands of hackers.”

“As consumers are acknowledging the inadequacy of passwords and placing increased priority on security, the time is ripe to adopt more advanced methods that prove identity on multiple levels and can be adapted based on behavior and risk.”

Time will tell, but it does indeed seem that two factor and multi-factor authentication is on the way in…and passwords are definitely on the way out.

You can download the full report here.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner