BlackBerry has a long and rich history of partnering with industry and government organizations to help improve cybersecurity. As part of the Board of Directors of the National Cyber Security Alliance, BlackBerry is proud to support initiatives to help consumers better protect their digital privacy.
Earlier this week, President Obama unveiled the Cybersecurity National Action Plan, which includes an investment of over $19 billion for cybersecurity as part of the Fiscal Year 2017 Budget, a 35 percent increase from the previous year. One of the key aspects of the plan is to “empower Americans to secure their online accounts by moving beyond just passwords and adding an extra layer of security.” Later the same day, the National Cyber Security Alliance (NCSA) announced an expansion of multi-factor authentication-focused education through their STOP. THINK. CONNECT. program. This program is supported by many of the world’s top tech companies, including Google, Microsoft, Visa and of course, BlackBerry.
Authentication is obviously a critical aspect of security – if you don’t know who’s trying to access the system, you have no way to know whether to give them access. Passwords are currently the de facto standard for online authentication, but that’s changing for a number of reasons:
- Passwords are hard to remember. As we create more and more digital accounts for everything from online investing to mobile gaming, we need to create new and unique passwords and remember them all.
- Passwords are easy to steal. From spyware to server hacking to phishing to brute-force attacks, there are numerous ways for attackers to get your password, some of which you have little to no control over.
- Passwords get weaker over time. Brute-force attacks rely on computing power to guess passwords – as computers naturally get faster, cracking passwords becomes much easier.
The good news is that there are many other forms of authentication. We can broadly look at them in three categories:
- Something you know. This includes passwords, PINs, secret questions/answers and anything else that relies on you remembering something.
- Something you have. This includes credit cards, access badges, passports and anything else that you carry with you for identification.
- Something you are. This includes physiological biometrics such as fingerprints, face recognition and retinal scans, and behavioral biometrics like voice, typing rhythm and even the unique way that you walk (known as your gait).
Multi-factor authentication combines two or more of these forms to create authentication that is more secure and often easier to use than any single factor could provide. A bit of simple math shows us why: when factors are independent, the probabilities of breaking each one multiply. If a hacker has a 10% chance to crack a single factor, they have a 1% chance to break two similar independent factors. If a hacker has a 1% chance to break a single factor, the probability goes down to 0.01% with a second factor.
Credit cards are a great example of the benefits of two-factor authentication. When you use your credit card to buy something in person, you usually authenticate with something you have (the physical card) and something you know (your PIN or signature). This is obviously different online, where the only authentication is often something you know (the credit card number). Not surprisingly, online credit card fraud far outweighs physical card fraud, which is why some credit card companies actually charge merchants higher fees for an online (“card not present”) transaction than a transaction at a retail store (“card present”).
How Does BlackBerry Support Multi-Factor Authentication?
You might not realize it, but every time you unlock your mobile device with a password, PIN or other lock mechanism, you’re actually doing multi-factor authentication. The second factor is… your mobile device. The fact that you physically have the device in your hands provides a much higher level of authentication than if you didn’t. And the fact that you lock your device with a password or PIN protects you in case your device is lost or stolen.
Where multi-factor authentication becomes much more important is when you’re accessing things online. We offer a Strong Authentication solution for enterprises that uses your mobile device as a second factor when you want to log in to your company VPN, and we work with partners like Google and Facebook to support two-factor authentication systems for consumers.
BlackBerry 10 supports smart card authentication and Picture Password, a unique authentication method that protects against shoulder surfing and other hacking methods. PRIV by BlackBerry also lets you take advantage of Android’s new Smart Lock, which lets you unlock your device using trusted devices (e.g. your Bluetooth-enabled car or watch), trusted places (e.g. your house), and even biometrics like your face, your voice and your body. And last but definitely not least, every single BlackBerry device makes simple passwords secure.
Multi-factor authentication has the potential to revolutionize the way we authenticate to electronic systems by making it both easier and more secure. Imagine a world where you no longer need to remember dozens of long passwords with uppercase letters, lowercase letters, numbers and symbols. Imagine a world where contextual systems automatically recognize your behavior and only ask you to authenticate when the behavior changes (e.g. logging in from a new location). But most of all, imagine a world where you no longer need to worry about your passwords being stolen and your online accounts getting hacked. That’s what we at BlackBerry, Google and many other leading technology companies are all working towards.