Talking Logins – Insights from leading tech experts on what’s in store for the rest of 2023

Whether it’s enhancing revenue potential as a retailer, adhering to ever tightening iGaming and sports betting legislation or maximising security as a fintech provider – one thing is sure. Logins are set to be a huge talking point in 2023.

Remembering many complex passwords is impossible so their inevitable re-use means they are no longer a safe way to protect our online worlds. Moreover, following the data breach endured by LastPass in August, are password managers about to have their fall from grace too?

SMS text and One Time Passcodes are cumbersome, unreliable and expensive. If you’re in a no reception zone they don’t even work.

Is single-step, passwordless multi-factor authentication the way to go in 2023? Some of the most influential cyber security leaders have their say.

Seasoned cyber security industry guru, and pioneer, Correy Voo, said: “2023 will see a consolidation in authentication solutions with growing emphasis on password-less methods, more intuitive MFA, and more solutions allowing individuals to assume responsibility for their own identity data and owning the rights to use that data. Archaic and esoteric forms of authentication such as SMS OTP will finally become obsolete.”

Andy Mulcahy, Strategy and Insight Director at IMRG, the UKs e-commerce association commented: “Online retail sales fell -10.5% in 2022, the lowest growth rate on record and the first time it has been into negative territory for a full year. With trading conditions being so difficult at the moment, we are forecasting a further decline of -3% for 2023. Since growth is proving so elusive, many retailers are focusing on how they can improve the overall customer experience to help convert new traffic and keep existing customers coming back. Where they choose to apply that focus depends on their proposition, but the checkout is a key area where pushing up conversion even slightly can make a big difference to revenue.”

Leading London cybersecurity PR agency, Eskenzi, shares their insights. Beth Mead, Senior Account Director at this dynamic and influential media shop said: “We’re already seeing more industry-wide mandates for stronger authentication, particularly in light of PSD2’s SCA requirements that came into force last year. Similar to many other regulated areas, like seatbelts in cars or speed limits, people generally aren’t receptive to changing their behaviours until they become regulated – even if it is for their own good or the wider good. For this reason, it’s likely that multi-factor authentication and other security measures will become mandatory for more and more online services. Having worked in cybersecurity for over 25 years, Eskenzi has witnessed literally thousands of data breach headline stories. Changing password behaviours is a slow process, but with more regulation and cybersecurity providers like MIRACL who are making it simpler to log in securely and reduce pain for users, there is light at the end of the tunnel.”

Professor William (Bill) J Buchanan, OBE, Professor of Applied Cryptography at Edinburgh Napier University added: “I hope 2023 will be the year where we take digital trust seriously. Unfortunately, the Internet we have built is often deeply flawed in its trustworthiness, and this untrustworthiness leads to the many cybersecurity threats that we see.

“2023 should see a focus on the citizen, and their privacy, their identity and digital rights. Let it be a time when we can properly start to share data and use it for good, rather than it being a focus for companies to harvest it. And, let’s educate our next generation about the opportunities that cryptography brings to our world, and show them the tools that can truly model our existing world in a more trustworthy, resilient, and secure way. The Internet is one of the greatest achievements of humankind ever created, so now let’s build it properly!”

Rob Griffin, CEO at MIRACL sees 2023 as the year in which authentication will be high on the agenda for digital operators. He said: “For the last 30 years, the password has basically been the only option for B2C operators so admin systems have provided little insight as to how well those passwords are fulfilling their role; i.e. are they successfully taking users to their account? But if the door to your store is jammed, you need to know! Now that there are other authentication options, organisations will start to review their login success rates more than ever before as it represents a big opportunity to grow sales and enhance user satisfaction.”

“Another trend for 2023: Regulators around the world are losing patience with the inevitable breaches and account takeovers that passwords cause. Going forward regulators will increasingly demand operators protect their customers properly. The advent of new legislation demanding MFA in online consumer settings will require operators to consider how to avoid friction in the login process that could otherwise jeopardise their business.  Only single-step MFA is capable of meeting the simultaneous requirement for user experience and security. This trend is already happening in Gaming but many sectors will follow suit. Operators across many sectors, such as travel, hospitality, loyalty and retail, will be looking for effective multi-factor authentication that does not add friction to the login process, but enhances its usability. This represents a win-win opportunity for a better customer experience and increased profit potential.”

Finally, Crypto specialist, Dr Michael Scott believes 2023 will see the demise of Bitcoin, and despite a move towards a passwordless online environment from a number of tech giants they will still play a key role in authentication. He concluded: “Passwords will continue to be the main means for authentication, however FIDO will continue to fail to gain serious traction. Bitcoin will collapse as miners give up on mining as being unprofitable, and some-one launches a successful 50% + 1 attack. A quantum computer that threatens cryptography will seem further away than ever.”

MIRACL is the world’s fastest single-step and passwordless multi-factor authentication login favoured by gaming organisations, retailers such as Rite Aid and big tech such as Experian. Users authenticate with a 4-digit PIN. Software-based and API-enabled to work from any device or browser, means a quick and seamless integration with any device or platform being used. The software doesn’t store personal data, passwords or PINs, so it’s fully resistant to remote attacks – with zero security vulnerabilities. The old notion that your account login must trade off between security and usability  is no longer true, MIRACL offers both at the same time.

For further information visit www.miracl.com