At a recent cybersecurity conference, Sangeeta Ranjit from Microsoft shared some alarming insights regarding the state of digital security. According to her, the past year has seen a staggering increase in password attacks, with incidents nearly doubling to over 7,000 per second. This surge includes a significant 58% rise in phishing attempts, underscoring the urgent need for more robust security measures.
Cybercrime Costs on the Rise
Ranjit, who leads product development for Microsoft’s security division, projected that by 2027, the global cost of cybercrime could soar to an astonishing trillion. In light of these figures, she proposed a promising solution: the adoption of passkeys, which serve as a biometric alternative to traditional passwords.
During her keynote at the FIDO Authenticate 2024 conference, Ranjit, alongside colleague Scott Bingham, discussed the challenges associated with transitioning users to passkeys. However, they expressed optimism about the future, forecasting that hundreds of millions of users might embrace this technology within the next year.
One significant barrier to widespread acceptance is the enduring reliance on passwords. Ranjit emphasized that for passkeys to thrive, the era of passwords must come to an end. Microsoft plans to phase out password creation for new accounts and eventually discontinue support for passwords altogether.
Interestingly, consumer sentiment appears to be shifting. Research indicates that users are increasingly frustrated with passwords, while fraudsters continue to exploit them. A report by PYMNTS highlighted this sentiment, labeling the development of passkeys as one of the year’s most crucial security advancements, already being adopted by major players like Mastercard and Visa.
Mark Nelsen, Visa’s senior vice president and global head of consumer payments, illustrated the potential of passkeys in enhancing transaction security. He noted that with immediate facial scans, transactions could be processed seamlessly, eliminating the need for post-transaction identity verification.
In a related discussion, Adam Lowe, Ph.D., chief product and innovation officer at CompoSecure/Arculus, emphasized the advantages of hardware-bound passkeys. These require a physical device, offering potentially superior security compared to their cloud-stored counterparts. Lowe highlighted the importance of proving identity effortlessly, particularly in banking applications, where security breaches have shown the vulnerabilities of cloud-stored information.
