Cybersecurity News in Asia

Take-up rate for Australia’s myGov passkey protection can be better

By CybersecAsia editors | Tuesday, July 30, 2024, 1:10 PM Asia/Singapore

The usual resistance factors to the adoption of passkeys could be at play here…

The government of Australia recently announced the adoption of passkeys for their citizens’ digital identity portal, myGov, in order to enhance security against account takeover attacks.

Thousands of myGov accounts had been suspended monthly in the past, due to turnkey scam kits being sold on the Dark Web that had enabled more cybercriminals to phish for login credentials.

However, despite the launch of better security features, reports have indicated that around 20,000 sign ups in the week of the launch — indicating a need to increase the take-up rate.

Passkeys tackle many problems associated with traditional passwords, such as vulnerability to brute force attacks, phishing and credential stuffing, especially when passwords are reused or weak. By eliminating the need for complex passwords and offering built-in phishing protection, the myGov passkeys make unauthorized access much more difficult. They also streamline the sign-in process, reducing the burden of managing multiple passwords and encouraging stronger security practices.

According to Darren Guccione, CEO and co-founder, Keeper Security: “Passkeys utilize public-key cryptography, replacing traditional passwords with a pair of cryptographic keys: a private key stored securely on the user’s device and a public key registered with the service provider. The authentication process with passkeys, though technically advanced, is simplified for users through biometric challenges. When a user attempts to access their myGov account, the service provider sends a challenge to their device. The device then signs this challenge with the private key and returns the signed response for verification. Since the private key never leaves the device, passkeys offer robust protection against phishing attacks.”

In the past, passkeys adoption around the world had posed challenges. Users familiar with passwords had been reluctant to switch to a new authentication method without fully grasping its benefits, Guccione added: “Additionally, since passkeys are linked to specific devices, accessibility can be an issue. This is where password managers can play a crucial role, as they allow users to store both passwords and passkeys securely, ensuring access from any device or platform.”

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
Mitigating Ransomware Risks with GRC Automation
In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

HOSTWAY gains 73% operational efficiency for private cloud operations
With NetApp storage solutions, the Korean managed cloud service provider offers a lean, intelligent architecture, …Read more
CISOs can navigate emerging risks from autonomous AI with a new security framework
See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
MoneyMe strengthens fraud prevention and credit decisioning
Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
PT Kereta Api Indonesia announces nationwide email and communication overhaul
The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more

Featured

The AI paradox in cybersecurity

Featured

Addressing Asia Pacific’s rising insider threats

Featured