Every second, of every day, TeleSign protects the world's largest Internet and Cloud properties against fraud. TeleSign Intelligent Authentication provides an easy-to-implement and powerful method for identifying and substantially reducing online fraud and spam using the most widely deployed technology — a user's phone. The company protects 2.5 billion downstream accounts in more than 200 countries, offering localization services in 87 languages. In 2012, TeleSign ranked #23 on the Deloitte Technology Fast 500™ and was named a Visionary in Gartner’s User Authentication Magic Quadrant.
Info Security PG: How much has authentication evolved over the years? And why do most people still rely simply on passwords?
Charles McColgan: For most people it hasn’t evolved much at all. The main advancement that has been seen in modern Internet times (1995 to present) has been the introduction of stream based encryption for transmission of passwords. Before the advent of SSL and SSH people would transmit passwords in the clear over the Internet using protocols like telnet, ftp, and http. With SSL and SSH at least we now have a secure channel that data is passed over, unfortunately the attacks have now moved from the data stream to the endpoints (client or the server).
For more secure types of conversations the use of public key cryptography has dramatically increased security. That being said, most people still log into Gmail or their bank using a simple username and password, and in most cases the passwords that users are using are the same across all or most of their sites.
Why do people still rely on passwords? Because that’s what they are offered and in many cases it’s the only option. Some companies, like Google, have really been at the forefront of offering consumers better ways of securing themselves using things like Google Authenticator or Google’s 2-step verification (2SV). Both of these are very easy ways to make something the user knows, a password, much more secure by adding something that they have, a mobile app or a phone.