Next-gen security could see human embedded passwords
PayPal said it's the most effective way to stop people using easily guessed passwords
PayPal claims the future of security lies in human embedded chips for authentication rather than giving hackers the opportunity to guess obvious word and letter strings.
The company said even emerging tech such as fingerprint scanners - as seen on Apple's iPhones and iPads and Samsung smartphones and tablets - will be phased out alongside retina scanning technology before payment processing services like PayPal will even consider using them.
The reason? They create too many false negatives, so a valid user can't log in, in addition to false positives, allowing unauthorised users to log in.
The answer is authentication devices that can be ingested by humans, it claims. These devices already exist for a range of different medical applications including glucose detection, blood pressure monitoring and digestive health, but Jonathan LeBlanc, global head of developer advocacy at PayPal, has suggested it could be used as an identity validator too.
Another option is a brain chip implant that would allow humans to authenticate themselves to access services.
LeBlanc showcased a presentation entitled 'Kill All Passwords' which explores how passwords will be phased out in years to come.
He listed the most frequently used passwords, including '123456', 'password', '12345678', 'qwerty' and 'abc123', saying 40 per cent of people have a password included in the top 100 passwords list and 14 per cent have a password from the most used 10.
People use these obvious strings is because they often forget them, so want something easy to remember, he said.
"As long as passwords remain the standard methods for identifying your users on the web, people will still continue to use 'letmein' or 'password123' for their secure login, and will continue to be shocked when their accounts become compromised," he explained.
PayPal has since been in touch with a statement to make it clear it has no plans to develop such technology itself.
A spokeswoman said: "We have no plans to develop injectable or edible verification systems. It's clear that passwords as we know them will evolve and we aim to be at the forefront of those developments.
"We were a founding member of the FIDO alliance, and the first to implement fingerprint payments with Samsung. New PayPal-driven innovations such as one touch payments make it even easier to remove the friction from shopping.
"We're always innovating to make life easier and payments safer for our customers no matter what device or operating system they are using."
BCDR buyer's guide for MSPs
How to choose a business continuity and disaster recovery solutionDownload now
The definitive guide to IT security
Protecting your MSP and your customersDownload now
Cost of a data breach report 2020
Find out what factors help mitigate breach costsDownload now
The complete guide to changing your phone system provider
Optimise your phone system for better business resultsDownload now