Forgotten passwords become history as authentication goes mobile

by Bill O'Hern

Today, everything requires passwords, passcodes, security questions, and user names. Imagine being able to skip this process entirely and sign in to your corporate network or a private database with only your fingerprint, or by clicking a button on your phone or smart watch.

At AT&T, we are making this happen. We’ve developed a new authentication system that’s mobile friendly, effortless, and highly secure. This means we can move away from today’s reality of forgotten passwords, pin codes, and user names without sacrificing security.

Our security experts have developed a new mobile-centric identity and access management strategy to provide a simple and seamless authentication experience that is better at detecting possible threats, preventing identity theft, and reducing security threats.

Productivity and security are paramount for today’s businesses. This authentication software will reduce the time required for users to login and prevent time required for password resets and lost passwords, while simultaneously reducing risk for our customers and our organization.

This system, called the AT&T Halo platform, uses a proprietary technology, built by our security teams to formulate a system that is not only smartphone friendly, but also smartphone-centric. This software allows the device to function as a master key to gain access to both digital content and physical building access, instead of IDs, passwords, and badges.

For example, with this technology, an employee could use a simple swipe of their fingerprint on their laptop (a capability many laptops already have, but do not have activated) to log in to their network. To get into a private database, their computer would simply send a notification to their phone, tablet, or smart watch, to ask the user to confirm they are logged in. The process takes all of two minutes, and allows users to move between tablets, smartphones, laptops, and desktop computers to meet their daily needs.

This system can authenticate a user based on the device they are using, their location, the network they are connected to, or even their physical characteristics, like fingerprints. These capabilities minimize both the work a user has to do to authenticate and the possible risk of an attacker being able to mimic an approved user to gain access to proprietary information.

Additionally, AT&T’s Halo platform uses analysis from our vast network to help prevent cybersecurity risks. With over 114 petabytes crossing our network every day, AT&T has unparalleled visibility into the latest and future threat patterns. This means we can help predict and manage new kinds of threats before they become a problem for our network or our customers.

We have also integrated enterprise mobile management capabilities to help roll out security updates and manage devices across an organization, certificate support to prevent private information from being communicated to the open Internet, and device-based PUSH technologies that provide automatic updates. As a result, the AT&T Halo platform serves as a real-time risk engine and supports a wide range of authentication processes.

AT&T is committed to security, and as threats continue to evolve, we’re helping to keep security easy so users can focus on what’s important to them.