The first of these features is called “One Time Password,” which is an initiative that’s attempting to take the “two” out of two-factor authentication. Rather than requiring users to remember a password, eBay wants to send you a confirmation code via SMS that can keep the user logged in indefinitely. The goal is to keep users logged in regardless of how the code was used–allowing those who logged in via a mobile device or desktop more flexibility with their logins.
eBay is also working to allow account authentication through the use of the Touch ID sensor that’s found on more recent Apple devices. The goal is to eliminate the need to remember a password in the first place so that users of Apple products will be able to more efficiently use eBay’s services.
Of course, these services are bound to bring about questions regarding eBay’s motivation for creating such features. Senior Director for Identity and Member Communication Product Management Dave Comer stated: “One Time Password and Touch ID Authentication eliminate the need to remember your password when you want access to the eBay Marketplace… We all use so many applications that require passwords and login information that it is impossible for users to remember them all. We want to eliminate the friction entirely.”
eBay’s reasoning might make sense, but does the security hold up on its end of the bargain? Consider how easy it would be to accidentally leave eBay open on an unlocked workstation. Users could fall victim to either lighthearted pranks or financially motivated crimes. Passwords might make things more difficult for the user, but this difficulty is for their benefit. Complex passwords are more difficult to guess, which makes things more difficult for hackers.
In addition to these advancements, eBay plans on increased functionality with Android Wear devices. Users will soon be able to receive notifications on their wearable devices that show them items they may be interested in purchasing. Users will also be able to read and respond to messages through their smart device.
Yet, this presents a similar security problem. Wearable devices have consistently shown that they are less secure than other mobile devices, and much less so than desktop solutions. Unless eBay is implementing other serious security measures, these new features may not be worth the risk.
For the small and medium-sized business, eBay’s technological advancements should resonate. SMBs should be using two-factor authentication whenever possible, such as security systems which utilize a user’s smartphone to deliver an access code when logging into a network. This way, hackers will have a much harder time accessing an account–even if they’ve somehow managed to get a hold of legitimate credentials. Plus, new physical security solutions like pin pads and smart door locks can now be unlocked directly with an employee’s smartphone.
If your business is ready to tackle network security, Aspire can help. To learn more, reach out to us at (469) 7-ASPIRE.