SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Multi-factor authentication to be the norm by 2020
Mon, 2nd May 2016
FYI, this story is more than a year old

Multi-factor authentication has become commonplace as a number of industries, particularly the government sector, is looking to strengthen security measures.

Amrita Choudhury, Technavio lead analyst IT security, has highlighted the key industries that will play a key role in the growth of multi-factor authentication technologies in the few years up to 2020.

She says, “In 2015, the BFSI sector held a market share of 45.98% in the global multi-factor authentication market. The PCI sector followed with 21.19%, the government sector with 12.9%, the healthcare sector with 5.77%, and the others segment with 14.16.

According to Choudhury, “The market share of the government sector is likely to increase during the forecast period because as it is a target of many attempts of data and identity theft. To overcome this menace, the government sector is increasingly adopting multi-factor authentication to secure its network resources, PCs, mobile phones, and desktop applications.

Technavio's latest report highlights four key emerging trends predicted to propel the market over the next few years.

Introduction of OOB authentication

Technavio defines OOB authentication as that which uses two separate networks that work simultaneously to identify a user. This authentication technology is a type of two-factor authentication and works well even if a fraudulent user gains all security credentials to a user's account - the transaction is not complete without access to the second authentication network.

The OOB authentication method is cheaper to deploy compared to keys and more complex biometric technologies. Hardware OOB authentication tokens and mobile phone-based OOB authentication tokens such as SMS and back-up calls are the OOB authentication methods available.

Emergence of cloud multi-factor authentication

With the increase in maintenance costs for hardware and software-based, two-factor, and three-factor authentication models, companies are showing interest in adopting cloud-based multi-factor authentication solutions, Technavio says. To tap this opportunity, vendors are integrating multi-factor authentication techniques with the cloud, according to the analysts.

Companies prefer adopting cloud-based multi-factor authentication solutions because of benefits such as pay per use, improved reliability and scalability, easy installation and upgradation, reduced dependency on internal IT personnel, and zero maintenance costs.

It ensures secure access to networks and applications, addresses compliance requirements for the security of regulated data, and protects users, while improving user experiences, simplifying deployments, and reducing costs associated with traditional hardware tokens. Riding on this trend, a growing number of cloud providers are offering robust authentication measures and role-based access controls to end-users, Technavio says.

Introduction of unified platforms for authentication purposes

The global multi-factor authentication market includes software and hardware authentication solutions. Some cost-conscious organisations have shifted to the use of software authentication methods, whereas certain government organisations are still continuing using the hardware authentication method, Technavio says.

As a result, vendors are introducing unified platforms that can provide both hardware and software authentication solutions. This will further reduce the costs involved in maintaining separate platforms and modules, and will thereby enable users to switch easily to other authentication solutions, according to the analysts.

Increased adoption of multi-factor authentication in SMBs

A number of SMBs are conscious about investments and cannot afford high-end token authentication devices. Hence, the decline in the price of hardware OTP tokens has led to its increased adoption among cost-conscious SMBs in less developed regions, Technavio says.

Increase in online transactions have led to cyber-attacks resulting in the increased adoption of hardware devices. Hence, to enhance the security of critical data in organisations, it becomes important for them to adopt hardware OTP tokens. Sectors such as BFSI, PCI, government, and healthcare are standardising the use of hardware OTP tokens, and making it mandatory for all organisations to use hardware OTP tokens for data security, according to the analysts.