The Future of Security Tokens
December 29, 2011
•IADT Online, Information Technology
• 0 Comments
Advancing technology calls for increased security measures, and using security tokens is one way that banks and corporate employers have addressed the need.
Security tokens come in a variety of forms, from USB tokens to key fobs. Essentially, security tokens serve as physical passwords that supply a second form of authentication when you access a network. Security tokens often operate as password generators that produce one-time use codes. You have to type in the token’s code after you complete the first step of authentication, which is typically logging in with your username and password.
The current problem with security tokens is that they no longer do their job as well as we’d like them to. Some of the reasons why security tokens are becoming unsafe and outdated include:
- Inconvenience. Many users dislike security tokens because it’s another thing they have to carry around and keep track of.
- Training. Employees who are new to security token technology have to undergo training, which takes up many business hours.
- Getting hacked. If security tokens send verification information on the same channel used for the first level of authentication, they can become vulnerable to hackers. A second, separate channel should be used for an extra layer of protection.
- Pressure on information technology departments, who have to spend hundreds of hours a year on setup, maintenance, and training.
- Cost. Besides the hours of time lost due to training and implementation, the devices themselves are costly to hand out to each employee.
- Getting lost or stolen. The fact that security tokens are physical objects adds to the system’s vulnerabilities and maintenance costs for replacements.
- Longevity. The security tokens themselves can break, leaving an employee without a quick and easy authentication alternative. The tokens can also expire and get out of sync, making the generated passwords incorrect.
So what is the future of security tokens? Some manufacturers are now using phones instead of tokens and key fobs.
Phones are a promising alternative to security tokens for several reasons. First of all, they are convenient. Cell phones are widely used and don’t require users to carry an extra device. Second, you can log in easily on a phone. Employees enter their login information on their phone and receive a call, which they answer and reply to using a numerical code.
Logging in through phones is also safer and more cost-efficient. Phone authentication prevents traditional hacking methods, including types of malware that track and steal passwords typed on keyboards. The cost and time investment is significantly decreased for the company as well because extensive installation, training, and management is unnecessary.
Security tokens are still in the early stages of their evolution, so we’ll continue to see improved security methods using phones and other forms of technology.
This article is presented by IADT-Online. Contact us today if you’re interested in developing marketable knowledge and career-relevant skills with an industry-current degree program from IADT-Online.