Next-gen security could see human embedded passwords

PayPal said it's the most effective way to stop people using easily guessed passwords

PayPal claims the future of security lies in human embedded chips for authentication rather than giving hackers the opportunity to guess obvious word and letter strings.

The company said even emerging tech such as fingerprint scanners - as seen on Apple's iPhones and iPads and Samsung smartphones and tablets - will be phased out alongside retina scanning technology before payment processing services like PayPal will even consider using them.

The reason? They create too many false negatives, so a valid user can't log in, in addition to false positives, allowing unauthorised users to log in.

The answer is authentication devices that can be ingested by humans, it claims. These devices already exist for a range of different medical applications including glucose detection, blood pressure monitoring and digestive health, but Jonathan LeBlanc, global head of developer advocacy at PayPal, has suggested it could be used as an identity validator too.

Another option is a brain chip implant that would allow humans to authenticate themselves to access services.

LeBlanc showcased a presentation entitled 'Kill All Passwords' which explores how passwords will be phased out in years to come.

He listed the most frequently used passwords, including '123456', 'password', '12345678', 'qwerty' and 'abc123', saying 40 per cent of people have a password included in the top 100 passwords list and 14 per cent have a password from the most used 10.

People use these obvious strings is because they often forget them, so want something easy to remember, he said.

"As long as passwords remain the standard methods for identifying your users on the web, people will still continue to use 'letmein' or 'password123' for their secure login, and will continue to be shocked when their accounts become compromised," he explained.

Update, 23/04/15:

PayPal has since been in touch with a statement to make it clear it has no plans to develop such technology itself.

A spokeswoman said: "We have no plans to develop injectable or edible verification systems. It's clear that passwords as we know them will evolve and we aim to be at the forefront of those developments.

"We were a founding member of the FIDO alliance, and the first to implement fingerprint payments with Samsung. New PayPal-driven innovations such as one touch payments make it even easier to remove the friction from shopping.

"We're always innovating to make life easier and payments safer for our customers no matter what device or operating system they are using."

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Recommended

PayPal to put hate group funding under the microscope
Security

PayPal to put hate group funding under the microscope

26 Jul 2021
1Password Business review: First choice for business travel and guest accounts
Security

1Password Business review: First choice for business travel and guest accounts

16 Jul 2021
Keeper Security review: Keeps corporate password management simple
Software

Keeper Security review: Keeps corporate password management simple

9 Jul 2021
Dashlane review: A very web-focused password manager
Security

Dashlane review: A very web-focused password manager

2 Jul 2021

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
UK gov considers blocking Nvidia's takeover of Arm
Acquisition

UK gov considers blocking Nvidia's takeover of Arm

4 Aug 2021
Zyxel USG Flex 200 review: A timely and effective solution
Security

Zyxel USG Flex 200 review: A timely and effective solution

28 Jul 2021