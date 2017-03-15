by Kristina Knight

Kristina: What about consumers?

Michael Lynch, Chief Strategy Officer, InAuth: Until organizations shift away from a password-centric approach to security, consumers are going to need to do everything in their power to protect themselves, although study after study shows that old habits die hard. The most obvious habits that are highly discouraged by security professionals is keeping a master list of passwords on your device, and re-using the same password for multiple sites. The advent of biometric solutions will help better protect consumers, and biometric fingerprint technology is the most widely accepted type of biometric, primarily for its ease of use and consumer familiarity with it on their smart phones. When available, consumers should opt for the use of a biometric login over a password.



Kristina: What is a permanent device ID and what are the implications for them?

Michael: A permanent device ID is a way to identify a device and its riskiness. A mobile phone has hundreds of unique identifying attributes that are part of the device itself and can be used to uncover and analyze risk factors that could lead to potentially fraudulent activities. Having this insight provides businesses with the confidence they need to allow good consumers to transact with the least amount of friction, while at the same time, understanding devices with high-risk indicators so they can be challenged or denied outright to protect your organization. What makes a permanent device ID permanent [and InAuth is the only provider that has a permanent mobile ID] is the fact that it can survive an app uninstall/reinstall, as well as operating system upgrades. It also mitigates spoofing attempts. This lets businesses use the device itself as a trusted second factor (something you have) which is an important factor in multifactor authentication. With a permanent ID, you can authenticate your trustworthy customers in a few invisible steps and risky devices can be challenged or stopped and blacklisted if they are associated with negative activity or fraud.

Tags: ecommerce, ecommerce fraud, ecommerce trends, EMV trends, InAuth