Next-gen security could see human embedded passwords

PayPal said it's the most effective way to stop people using easily guessed passwords

PayPal claims the future of security lies in human embedded chips for authentication rather than giving hackers the opportunity to guess obvious word and letter strings.

The company said even emerging tech such as fingerprint scanners - as seen on Apple's iPhones and iPads and Samsung smartphones and tablets - will be phased out alongside retina scanning technology before payment processing services like PayPal will even consider using them.

Advertisement - Article continues below

The reason? They create too many false negatives, so a valid user can't log in, in addition to false positives, allowing unauthorised users to log in.

The answer is authentication devices that can be ingested by humans, it claims. These devices already exist for a range of different medical applications including glucose detection, blood pressure monitoring and digestive health, but Jonathan LeBlanc, global head of developer advocacy at PayPal, has suggested it could be used as an identity validator too.

Another option is a brain chip implant that would allow humans to authenticate themselves to access services.

LeBlanc showcased a presentation entitled 'Kill All Passwords' which explores how passwords will be phased out in years to come.

He listed the most frequently used passwords, including '123456', 'password', '12345678', 'qwerty' and 'abc123', saying 40 per cent of people have a password included in the top 100 passwords list and 14 per cent have a password from the most used 10.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

People use these obvious strings is because they often forget them, so want something easy to remember, he said.

"As long as passwords remain the standard methods for identifying your users on the web, people will still continue to use 'letmein' or 'password123' for their secure login, and will continue to be shocked when their accounts become compromised," he explained.

Update, 23/04/15:

PayPal has since been in touch with a statement to make it clear it has no plans to develop such technology itself.

A spokeswoman said: "We have no plans to develop injectable or edible verification systems. It's clear that passwords as we know them will evolve and we aim to be at the forefront of those developments.

"We were a founding member of the FIDO alliance, and the first to implement fingerprint payments with Samsung. New PayPal-driven innovations such as one touch payments make it even easier to remove the friction from shopping.

"We're always innovating to make life easier and payments safer for our customers no matter what device or operating system they are using."

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/encryption/355820/k2view-innovates-in-data-management-with-new-encryption-patent
encryption

K2View innovates in data management with new encryption patent

28 May 2020
Visit/technology/artificial-intelligence-ai/355716/what-is-tiny-ai
artificial intelligence (AI)

What is Tiny AI?

20 May 2020
Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/security/data-breaches/355777/easyjet-faces-class-action-lawsuit-over-data-breach
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020