Digital Identity Challenge: The Security and Convenience Dilemma
ResumoThis paper argues that the essential pieces of an enduring digital identity should be privacy, security, and convenience. Authentication should be frictionless. In this sense, the core of the digital identity of the future will be created around location sensing techniques. Incognia proposes a solution to secure and frictionless authentication for mobile apps that is composed of five steps. Its proprietary technology called environment fingerprinting can identify location spoofing and precisely determine the devices actual location. Incognia has found that most mobile logins, sensitive transactions, and purchases occur at trusted locations. To date, 90% of mobile logins and 89% of mobile banking sessions happen at a trusted location. Experimental results show false-negative rates below 0.004% and a decrease of over 85% of account takeover attacks.
Dey, A. K. (2001). Understanding and using context. Personal and ubiquitous computing, 5(1):4–7.
Morris, R. and Thompson, K. (1979). Password security: A case history. Communications of the ACM, 22(11):594–597.
Naor, M., Rotem, L., and Segev, G. (2020). The security of lazy users in out-of-band authentication. ACM Trans. Priv. Secur., 23(2).
Ometov, A., Bezzateev, S., Ma ̈kitalo, N., Andreev, S., Mikkonen, T., and Koucheryavy, Y. (2018). Multi-factor authentication: A survey. Cryptography, 2(1).
Raza, M., Iqbal, M., Sharif, M., and Haider, W. (2012). A survey of password attacks and comparative analysis on methods for secure authentication. World Applied Sciences Journal, 19(4):439–444.
Rees-Pullman, S. (2020). Is credential stuffing the new phishing? Computer Fraud & Security, 2020(7):16–19.