Business Reporter: How passkeys give businesses an edge over cyber criminals in the online fraud arms race
LONDON, UNITED KINGDOM, February 7, 2024 /EINPresswire.com/ -- In a video and a series of three articles published on Business Reporter, Christopher Harrell, Chief Technology Officer at Yubico talks about how the company’s device-bound passkey technology offers a better safeguard against online fraud–especially phishing –than legacy authentication, such as passwords and multi-factor authentication (MFA). As Yubico’s State of Global Enterprise Authentication Survey points out, 59 per cent of business accounts are still using usernames and passwords as a primary method to authenticate their accounts.
The adoption of a more robust, phishing-resistant authentication method is highly overdue also because the spread of generative AI offers criminals new tools to improve the efficiency of their phishing attacks by creating more convincing video and audio deep fakes, as well as more authentic-looking emails to dupe their victims. Although machine learning (ML)-based technologies can also be leveraged to detect AI-based attacks, a paradigm shift in authentication will radically limit cyber criminals’ opportunities to take over employee accounts.
Passkeys seamlessly authenticate users by using cryptographic security “keys” stored on their computer or device, and are considered a superior alternative to passwords , which can be forgotten, stolen or intercepted. There are two forms of passkeys on the market – syncable and device-bound passkeys. The latter, which have been around since 2018 in the form of security keys, provide the highest level of protection and are a proven technology to stop attacks. The user of a device-bound passkey must prove their physical presence by touching the device, whereas a syncable passkey is shared across multiple accounts in the cloud. Passkeys can be set up with practically any user account and there are also more advanced types for corporate users where credentials can be pre-registered.
With device-bound passkeys, credentials are stored in the device itself, so user names and passwords can’t be transferred to another system without the user’s knowledge. On the other hand, if the physical key is stolen, it can’t be used without knowing the PIN/login credentials tied to the device and to which accounts it is set up to authenticate.
The YubiKey was created by Yubico to stop account takeovers in their tracks and make secure login easy and available for everyone.t. It’s built on the proven WebAuthn/FIDO2 (Fast Identity Online) security protocol, which offers users much better protection than legacy authentication methods like OTPs, where users can have SMS authentication codes stolen from them directly through a SIM swapping attack.
To learn more about the different types of products and services by Yubico, watch the video and read the articles.
About Business Reporter
Business Reporter is an award-winning company producing supplements published in The Guardian and City AM, as well as content published on Business Reporter online hubs on Bloomberg.com, Independent.com, Business Insider Germany and Le Figaro, delivering news and analysis on issues affecting the international business community. It also hosts conferences, debates, breakfast meetings and exclusive summits.
www.business-reporter.co.uk
About Yubico
Yubico (Nasdaq First North Growth Market Stockholm: YUBICO), the inventor of the YubiKey, offers the gold standard for phishing-resistant multi-factor authentication (MFA), stopping account takeovers in their tracks and making secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based passkey authentication security at scale to customers in over 160 countries.
https://www.yubico.com/
The adoption of a more robust, phishing-resistant authentication method is highly overdue also because the spread of generative AI offers criminals new tools to improve the efficiency of their phishing attacks by creating more convincing video and audio deep fakes, as well as more authentic-looking emails to dupe their victims. Although machine learning (ML)-based technologies can also be leveraged to detect AI-based attacks, a paradigm shift in authentication will radically limit cyber criminals’ opportunities to take over employee accounts.
Passkeys seamlessly authenticate users by using cryptographic security “keys” stored on their computer or device, and are considered a superior alternative to passwords , which can be forgotten, stolen or intercepted. There are two forms of passkeys on the market – syncable and device-bound passkeys. The latter, which have been around since 2018 in the form of security keys, provide the highest level of protection and are a proven technology to stop attacks. The user of a device-bound passkey must prove their physical presence by touching the device, whereas a syncable passkey is shared across multiple accounts in the cloud. Passkeys can be set up with practically any user account and there are also more advanced types for corporate users where credentials can be pre-registered.
With device-bound passkeys, credentials are stored in the device itself, so user names and passwords can’t be transferred to another system without the user’s knowledge. On the other hand, if the physical key is stolen, it can’t be used without knowing the PIN/login credentials tied to the device and to which accounts it is set up to authenticate.
The YubiKey was created by Yubico to stop account takeovers in their tracks and make secure login easy and available for everyone.t. It’s built on the proven WebAuthn/FIDO2 (Fast Identity Online) security protocol, which offers users much better protection than legacy authentication methods like OTPs, where users can have SMS authentication codes stolen from them directly through a SIM swapping attack.
To learn more about the different types of products and services by Yubico, watch the video and read the articles.
About Business Reporter
Business Reporter is an award-winning company producing supplements published in The Guardian and City AM, as well as content published on Business Reporter online hubs on Bloomberg.com, Independent.com, Business Insider Germany and Le Figaro, delivering news and analysis on issues affecting the international business community. It also hosts conferences, debates, breakfast meetings and exclusive summits.
www.business-reporter.co.uk
About Yubico
Yubico (Nasdaq First North Growth Market Stockholm: YUBICO), the inventor of the YubiKey, offers the gold standard for phishing-resistant multi-factor authentication (MFA), stopping account takeovers in their tracks and making secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based passkey authentication security at scale to customers in over 160 countries.
https://www.yubico.com/
Business Reporter
Press
+ +44 20 8349 6488
email us here
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.