Market Trends of US Hardware OTP Token Authentication Industry
This section covers the major market trends shaping the US Hardware OTP Token Authentication Market according to our research experts:
BFSI to Witness Significant Growth
- The banking, financial services, and insurance (BFSI) industry is one of the largest markets for hardware OTP token authentication globally and in the United States. Several revised laws mandate the use of two-factor and multi-factor authentication for BFSI transactions.
- Several organizations and governing bodies, such as the Federal Financial Institutions Examination Council (FFIEC), the New York State Department of Financial Services (NYDFS), and the Cybersecurity Regulation and National Association of Insurance Commissioners (NAIC), have mandated the use of multi-factor authentication (MFA) to protect access to sensitive data for financial institutions, insurers, banks, and many other organizations.
- Initially, several BFSI players preferred hardware tokens for MFA. However, smartphones are increasingly replacing this technology over time, and several banks and financial organizations have moved on to mobile platforms. These factors have been restraining market growth.
- There is also a new class of hardware token devices seen in the market, called hybrid solutions. These solutions offer both contactless and connected experiences in a single piece of hardware and are drawing considerable attention from several BFSI vendors in the market.
- Moreover, the BFSI sector is also experiencing an increase in cloud workloads, with a significant amount of data being moved to the cloud. Further, the rising integration of third parties, such as mobile wallets, coupled with a complex security infrastructure in which many vendors are deployed around the ecosystem, is creating a significant security challenge in the sector.
- Thus, BFSI enterprises should adopt a zero trust security model, which requires strict identity verification for every user and device trying to access resources. This has to be enforced with multi-factor authentication (MFA), which insists on more than one piece of evidence to authenticate a user.
Enterprise Security Holds a Significant Market Share
- According to the White House Council of Economic Advisers, the US economy loses approximately USD 57 billion to USD 109 billion per year to harmful cyber activity. Only 26% of companies use multi-factor authentication in the US.
- The number of attacks has grown exponentially, and a majority of enterprises in the country lack the resources to scale their security initiatives to provide adequate DDoS protection. The threat of DDoS is also driven by access to easy-to-use tools and by a broader criminal understanding of its profit potential through extortion. Attacks that directly target individuals and business systems could lead to substantial financial losses.
- According to Akamai Technologies, from November 2017 to April 2018, the United States had the highest share of DDoS attack traffic compared with other countries, at 30%.
- Further, SSH (Secure Shell) provides a range of advanced security features, but it is still vulnerable to brute-force attacks that try large numbers of passphrases until they hit upon the right one. One countermeasure is passwordless login using cryptographic keys, but these keys are normally stored on a local drive or in the cloud, which makes them vulnerable to misuse and creates some management overhead.
- In February 2020, OpenSSH version 8.2 was released, pointing to the future trend: the world’s most popular remote management software now supports authentication using any FIDO (Fast Identity Online) U2F hardware token. The more secure alternative is to put keys on a USB or NFC hardware token, such as a YubiKey, which ties a generated private key to that device. This means that authentication cannot happen without the token being present and also requires a physical finger tap by an admin.
- A player such as Protectimus Solutions LLP provides a wide variety of OATH-compliant authentication methods, including several hardware OTP tokens. Protectimus TWO tokens support the TOTP algorithm (RFC 6238) with SHA-1 or, optionally, SHA-256, and are produced with pre-installed secret keys and full water resistance (class IP68). They are intended for corporate use with the Protectimus multi-factor authentication service to enhance cyber protection.
- Further, many organizations are heavily investing in PKI and other authentication schemes that have delivered on the passwordless value proposition for legacy on-premises apps. Players now understand what customers need and are backing this up with new solutions.
- In February 2020, Thales released new passwordless authentication devices that can be used to log into Microsoft Azure AD apps and services. The devices are geared towards enterprise customers, and are compliant with the latest FIDO2 standards. To that end, the devices will act as a hardware token that can be deployed for PKI-FIDO use cases.