Verizon’s 2014 Data Breach Investigations Report claimed that “The writing’s on the wall for single-factor, password-based authentication on anything internet facing”. It’s true, with two out of three data breaches attributed to lost or stolen user names and passwords, multi-factor authentication is fast becoming the norm. Of course multi-factor authentication does not prevent the theft of credentials but it does help protect against the fraudulent re-use of those credentials.
Yesterday Verizon announced that it had added QR Code login as a new feature of their Universal Identity Services. Users sign up for a Verizon Universal ID from a participating webpage and then download a mobile app that can scan a dynamically generated QR code on a login page. Once the user’s identity is confirmed they are authenticated to the website. The QR code login can be used alone or combined with a PIN number or password for transactions that require stronger security (video below).