The path taken by access and identity management has been, over the past decades, a path of permanent evolution and marked by the pace of progression of adjacent technologies. This is an inevitable and fundamental path for the security of any organization and one that should be inseparable from the user experience.  

Actions such as unlocking devices by using biometric access, or entering a PIN code, or even scanning our passport, are authentication processes that allow the verification and confirmation of a user's identity in a modern and secure way. 

However, these processes are not always convenient along the user's journey by creating several layers of protection that make authentication difficult. Therefore, any moment of password reset for the user followed by a series of requirements for the new password, creates aversion for the inconvenience it causes. So the future of identity is guided by two pillars: a good user experience with enhanced security.

With the continued introduction of regulatory laws, such as the GDPR (General Data Protection Regulation), the protection and security of identities is the highest priority in any digital transition process. 

From the increasing duality between the rigidity of security systems and the provision of a good user experience emerge trends in identity management that dictate the future of digitalization.

Multi-Factor Authentication: Where is it headed?

Currently, access management is guided by authentication performed through several factors, individually or in combination. These factors may include: (i) something we know (password/PIN); (ii) something we possess (cryptographic authentication device, cell phone, temporary SMS verification); (iii) or something we are (biometric, fingerprint).

The beginning of the process of protecting identities in the digital sphere was the use of something we know, such as passwords or PINs, which are still the basis of these methods today. The acceleration of digitalization has made it necessary to create new authentication processes that ensure privacy and make access impenetrable.

Combining what we know with something we own, such as a temporary SMS verification, has been one of the emerging methods that users are already ingraining in their digital journey even when using personal services (email, social media, utilities).

But where can Multi-Factor Authentication evolve? Besides the development and maturation of biometric access, the path may evolve by the combination of something we know and something we are. In particular, by the intersection between a password and a fingerprint, for example.

Decentralization of Identities

The user expects that in his or her digital journey, the organization provides easy and responsive access to his or her online experience and does not require constant password entry. The user is not available to enter additional authentication factors.

As such decentralized digital identity plays an important role, considering that it is a standards-based system that can provide the user with greater privacy and control over data.

In this new paradigm, decentralized identity translates into an architecture where identifiers, such as usernames, can be replaced by independent IDs. In this way, they allow data exchange with technology and blockchain to protect privacy and ensure the security of operations.

Decentralized digital identity also promises to restructure the current digital and physical centralization of the identity ecosystem into a de-centralized and democratized architecture.

Self-Sovereign Identity – SSI

SSI, Self-Sovereign Identity, is an identity solution that uses credentials stored on a mobile wallet, which, in parallelism with offline, is close to storing cards with personal data. Through this solution, users can control access to data in a way that guarantees their freedom and autonomy. In addition, identity and devices are portable and there is interoperability between information.

The SSI model bridges existing gaps in control, consent and information transparency, which are overlooked by current identity management solutions.

Self-Sovereign Identity has the potential to remove the need to rely on an entity for control of identities and thus returns control back to the user.

Passwordless authentication

Passwordless multifactor authentication is based on the principle that passwords are no longer sufficient for a secure log-in process, with the goal of improving the user experience. It is a method to overcome the frustration associated with the security layers of Multi-Factor Password Authentication, without neglecting security and privacy.

Passwordless authentication eliminates the need to remember a password and, in addition to reducing the possibility of phishing, is compatible with most devices. Above all, it combines high security with user convenience.

This method builds the future of identity governance by making log-ins faster and more agile and ensuring a high level of security. Also, the associated IT costs are lowered by eliminating the need for password resets and reducing the number of support tickets.

The basic principle is that the access password is an instantaneous thing generated by user-controlled equipment that generates momentary access.

Get closer to the future of identities

Talk to us