While grabbing my morning coffee, my server gave me a cybersecurity lesson we can all learn from.
Millions of people all over the world rely on coffee for a functioning work day. This is, to say the least, stating the obvious. People’s accepted addiction to coffee is the subject of a multi-billion-dollar industry.
Trust in your coffee shop
On the face of it, this has very little to do with online security – another industry that millions of people and organizations the world over rely on to complete their day-to-day activities conveniently, quickly, and safely. However, if we consider the relationship that millions of people have with their barista, an analogy for security solutions – more specifically, trust in security solutions – presents itself.
Many people will have a coffee shop close to their hearts. It might be near to their office, home, or university, and they will frequent it regularly. They may strike up a relationship with their barista.
In this relationship, your barista, let’s call him Peter, will see you almost every day. He sometimes starts pouring your daily tall Americano as you walk through the door. He knows when you’re likely to come into the shop, your name (or the name you’ve told him to write on the cup), and your face. These factors allow a relationship of trust to be fostered between the barista and the customer. But what is this trust based on?
How your barista recognizes you
Although Peter sees you every day, knows your habits, face and (alleged) name, he doesn’t actually know much about you. He has no access to your personally identifiable information (PII), your address, Social Security Number, or any of the other pieces of data that can help identify you as you. What Peter does have though is access to your behavior; he knows you are a regular, one who is likely to return.
He knows you are friendly and polite and have every intention of paying. The relationship that is built up over time allows Peter to know with certainty that you are not trying to scam him out of a coffee.
What’s more, what he knows about you is incredibly difficult – if not impossible – for someone else to replicate.
Helping companies become more like your barista
Most systems of authentication use Personally Identifiable Information (PII) or usernames and passwords as a way of identifying returning customers. However, as it has been demonstrated time and again by a never-ending succession of data breaches, this is simply not working. PII, once stolen and put up for sale on illicit marketplaces, is as easy to access as a pair of pants from Amazon.
With passive biometrics, however, security companies such as NuData use factors to establish a good user that don’t rely on PII and username/password authentication systems, with near pinpoint accuracy. Monitoring patterns such as the speed at which users’ type, or press down on their buttons or keypads, passive biometrics organizations cross-reference this with known user data, to establish whether the users are who they say they are.
These detailed, unique, and impossible-to-replicate metrics avoid reliance on passwords and usernames as the only barrier between account data and fraudsters.
When these metrics are applied correctly, they provide unparalleled levels of trust between customers and businesses; the same trust that leads Peter to prepare your tall Americano as soon as he sees you rounding the corner to come in.
Multi-layered solutions that include behavioral biometrics are designed to increase trust; trust between customers and organizations, and between employees and employer. The breaches that have populated our news feeds of late 2017 have damaged this trust on all fronts, but by changing the metrics used to measure the integrity of an account holder (of any kind), passive biometrics solutions can rebuild this trust in a frictionless, fool-proof way.
Related to this post: How Well Do You Know Your Customers?
Authenticating on today’s breached world? Watch our webinar featuring Forrester analyst firm.
Want to read more posts like this? See our full blog here.