Regardless of whether you’re a tech entrepreneur, the average Joe or somebody between these extremes, you suffer from password frustration. We all do. It seems like every website we visit, every item we buy, every business we study wants us to set up an account with a password.
No wonder the most-used (and worst) passwords continue to be “123456” and everyone’s favorite—“password.” You don’t fall into this group, do you? Those may be OK passwords for your fantasy baseball group but there’s a reason that most financial websites demand stronger passwords, a combination of letters, numbers, uppercase letters and symbols that is harder for automated password-cracking software to breach.
Financial institutions also are on the leading edge of next-generation security measures that go beyond the password. Two-step authentication is a good first step, the transmission of an email or text with a special code to allow log in.
But many financial institutions and companies that safeguard proprietary data are going many steps beyond the password and two-step authentication, moving into the realm of proactive profiling, which can assume many forms. At its most general, proactive profiling helps match a person’s account number or identity to the computing device they are using or other profile.
For example, security protocols on websites that allow logon through one’s Facebook or Gmail account can check to make sure whether the computer has been used before. If you have logged into Gmail from a new device or unusual location and received a text/email saying there was a new logon, that’s proactive profiling at work. Software also can quickly check how long an account has been open and whether an IP address is linked to fraudulent activity. This check generates a score—scores below a preset threshold are held for additional security checks.
But the level of threats keeps rising, prompting more companies to adopt proactive customer profiling protocols, even companies not in the financial sector. According to Verizon’s 2016 Data Breach Investigations Report, nearly two-thirds of confirmed data breaches were traced to weak, stolen or default passwords.
What’s the password policy for your company and its systems? Do you require a strong password or changing the password every few weeks or months? Does forcing employees to frequently change their passwords frustrate them or cause them to record the latest password on a stickie note?
Companies that employ proactive profiling techniques have to walk a fine line between enhancing security while not increasing the amount of “friction” between users and how they interact with companies. Users can be fickle, and increasing the number of steps required to complete a transaction or making them wait while a security check is performed can mean the difference between a successful transaction and user frustration.
Proactive profiling, when used in conjunction with a strong password and other security protocols, can help companies increase overall data security while staying firmly in touch with user needs and preferences.