Aetna will move from passwords to continuous behavioral authentication next year on its consumer mobile and web applications because it’s more secure and easier for the end user, says Jim Routh, the health insurer’s CISO.”Passwords as binary authentication tools have been standard but are really reaching an end of life. What’s necessary is more of a continuous-based authentication method based on algorithms,” Routh says in an interview with Information Security Media Group.Routh points to the recent Equifax breach, which exposed detailed information on 143 million U.S. consumers, as an example of why the password is no longer a secure form of access to accounts and web sites. For example, with so much stolen information about consumers now available for sale on the dark web, criminals can easily answer secret questions in a password reset scenario, he points out.

Source: Click here