Password-less authentication is the future, says Lucideus’ Saket Modi
As many as 28 occasions of dark web exposure for my decade-old Gmail ID – an embarrassing number popped on the Safe Me application.
Fortunately, most of the breached passwords were ancient ones, and of the time when I was too careless to understand the importance of two-factor authentication, risks of re-using the same and probably predictable passwords, and reckless app memberships that force you to sign up to give you basic information. Nonetheless, it was a much-needed reality check which I needed.
I (assume) am not alone in underestimating these risks. Awareness about cybersecurity has increased, but multiple occasions of major corporate breaches and reports of credentials flooding dark web reveal a lot is left. Can an application like Safe Me play a role in helping increase awareness?
In case you did not know, Safe Me launched for Android and iOS users last week. Developed by cybersecurity firm Lucideus, the app gives users insights on breach likelihood, exposure on the dark web, and an algorithm-driven score on their safety. The algorithm has been developed as joint research with MIT and leverages Artificial Intelligence (AI) and Machine Learning (ML). The score is on a scale of zero to five based on a combination of elements such as exposure on the deep and dark web, cybersecurity awareness, and device security, among others.
The brainchild of Saket Modi, a well-known name in the cybersecurity space, Safe Me is aimed at making people more aware of online privacy.
“If you notice the SAFE Me app, it takes no permissions to see your pictures, locations, nothing. Because a lot of people are like - “Oh if you are giving something for free, you are selling my data”. So we decided not to take any permission and don't want to sell your data, and consumers deserve something free of cost in true sense. And by the way, SAFE Me also does not have any form of ads,” he said in an interview to Hindustan Times.
Modi also pointed out a change users' work patterns and subsequent cyber risks in the last few months.
“We figured in the last 9 months, the boundary between personal and professional has almost disappeared. Both of us are now working from home right? You use the same laptop to share messages with friends and use the same laptop to write a story and submit it to your Editor. Similarly, you use the same WhatsApp for your professional and personal work. We felt that there is an intersection and the difference is dissolving very fast. Therefore, when we decided that we are going to launch an app which focuses on the human element of security which we call Re-engineering cyber-consciousness,” he added.
As said earlier, Safe Me application shows you information on the dark web exposure. If your data is out there on the dark web, there is nothing you can do get it extracted or removed. Instead, users need to quickly change passwords and take other necessary actions.
“If you ask, can I delete this data [from the dark web], the answer is no? Because now it has been copied in gazillion places and nobody can keep a track…. So what you can do with the exposure on the deep and dark web is fairly limited apart from the fact that you will not use it anywhere else, or change the password,” he explained.
That said, internet companies have too realised consumers' stress of remembering complicated passwords and risks of their re-use. Already, we have seen efforts from the likes of Microsoft to build a password-free regime. The ecosystem, however, is still in its infancy and may take years to mature.
Modi too agrees that the future is password-less. But he cautioned that it may still need additional layers of security to keep cybercriminals at bay.
“The future is passwordless where your passwords is not a phrase or a note that you remember but something unique such as your fingerprint or retina, or your picture etc. Can that never be hacked? Of course, it can be. But that is where you add multi-factor authentication where you get a code on your phone or use an authenticator application,” he explained.