Companies Need to Double Down on Dual-Factor Authentication

Unfortunately, there will always be bad actors in this world, people who don’t restrain themselves from trying to steal from others or to harm them. Because of this, we need to accept that hacking is here to stay and that enhanced security measures will be required to protect ourselves from theft in our digital lives that can impact our real lives.

Some of my recent research in the hospitality industry identified that fraud is a large and increasing problem for hotels, resulting in unfilled inventory, credit card chargebacks, and loyalty point thefts from customers.

Personally, my Starbucks card account has been hacked – twice.

According to Chargeback.com:

“The percentage of cyber attacks targeting loyalty and rewards accounts nearly tripled from 2016 to 2017, with 48% of businesses being hit by ATO (Account Takeover) attacks. This has cost companies more than $2.3 billion worldwide.”

The most recent hack was foiled by a 24-hour cooldown period, preventing (or discouraging) thieves from being able to move about $25.00 off my Starbucks card onto theirs. But as I was setting up dual-factor authentication on my account and changing my password to keep the thieves from getting back into my account, I noticed that the system was not set up well for a simple nuclear family – let alone a complicated family. Users are only able to enter a single phone number for the dual-factor authentication code to be sent to. I assume this is to make the system simple, but it then makes it so that my wife can’t access the account.

Dual-factor authentication is going to become a mandatory requirement for logins to financially-linked accounts (including any site where you store your credit card details) and companies need to design their systems to accommodate spouses and potentially even children.

Companies should consider incorporating biometric methods of identity verification as the primary or secondary method of authentication as well, not just for security reasons but for ease of use/customer experience reasons too.

So, protect your customers, folks, but remember how people live their lives as you’re designing your systems to keep them (and their money) safe.

Keep innovating!

About Braden Kelley

Braden Kelley is a Design Thinking, Innovation and Transformation consultant, a popular innovation speaker, workshop leader, and creator of The Change Planning Toolkit™. He is the author of Stoking Your Innovation Bonfire from John Wiley & Sons and Charting Change from Palgrave Macmillan. Braden has been advising companies since 1996, while living and working in England, Germany, and the United States. Braden is a US Navy veteran and earned his MBA from top-rated London Business School. Follow him on Twitter and LinkedIn.