What

AuthID has launched Human Factor Authentication, which combines device and biometric verification to confirm the security of both the device logging into a system as well as the person using the device. Where currently multifactor authentication involves a password and pin, AuthID contends that the future of cybersecurity is passwordless but still user-specific. 

Why

AuthID’s CEO, Tom Thimot, says a move to Human Factor Authentication is rooted in security needs. Eighty-two percent of data breaches are rooted in passwords, Thimot says, which validates a need for more rigorous and secure protection measures. 

AuthID also conducted a data security test at Money 20/20. It sent a fake phishing email to professionals working in fraud and security, offering backstage passes to the conference’s headline concert. Of 436 opens, 210 recipients clicked on the fake phishing link. “Everybody’s susceptible to fishing,” Thimot concluded, including those who “should know better than anybody else.”

The company also positions itself as an ethical holder of biometric data, setting itself apart from other biometric services such as ID.me and ClearviewAI. To Thimot, this positioning isn’t just because AuthID is beholden to different regulatory requirements as a publicly listed company. Ethical stewardship of users’ data—including anonymizing and siloizing clients’ databases—makes for a safer environment as well. 

How

From an operations standpoint, Thimot said a cybersecurity-focused company has to make sure its employees and processes don’t cut corners. Logistically, this means regular auditing to meet security standards like SOC2. AuthID makes sure that users’ biometric data is stored fully independently from client to client. 

From a people management perspective, Thimot said the era of “managing by walking around” was particularly useful, though a move to remote work and Zoom meetings has complicated that strategy. “We do try consciously to bring the company together face to face,” Thimot said. 

“I think you can tell quickly the people who work with integrity: Get them on a golf course and you’ll see who takes a score or two off, and who cuts corners around the edges on how they do things,” Thimot added. “Those are not the type of people you want to work with, because at the end of the day, when you’re a cybersecurity company, it’s important.” 

If a recession hits, AuthID anticipates at first a decreased appetite for new security solutions from clients’ procurement departments. It then expects an uptick in interest for Human Factor Authentication if financial crimes increase. It will continue building out robust people and product strategies in the meantime.