Ping Identity CISO Robb Reck says the promise of future continuous, risk-based authentication is better security and improved convenience. By using multifactor authentication, Ping Identity can use sensors in people's phones and laptops to continuously authenticate users and allow them to access their resources based on the quality of that ongoing trust. This process only calls for authentication when trust is lost, and then only requests the level of assurance required for the type of transaction the user wants to make.
"The key to a successful end-user experience is providing it regardless of the device the consumers are connecting from," Reck says. "A huge portion of consumer-facing businesses, such as online retail, have moved to the smartphone, so any customer experience initiative needs to consider that platform from the start."
Ping plans to replace passwords with push notifications to mobile devices and offer scannable QR codes, which produce one-time passcodes for users, Reck says. With the PingID mobile SDK, enterprises can balance security and convenience for customers by embedding advanced MFA functionality directly into their own iOS or Android mobile apps. This lets organizations allow their customers to log in with easier methods than having to remember a password.
The same goes for laptops and PCs, Reck adds. Organizations are replacing passwords and supplementing them in the sign-on process to these devices.
"By adding multifactor authentication to processes like Windows login, organizations can either remove password requirements and instead have employees use a friendlier range of mobile push authentication methods, or use those in addition to passwords for a more secure logon process," Reck says. "We're also implementing Windows Hello as an authentication factor in PingID with the same intention."
Image Source: Ping Identity