Half a century ago, people thought that the average person wouldn’t remember a six-digit PIN*. A quarter century later, we got usernames and passwords by the bucketload. Now, we have so many loads of buckets, each of which are meant to have their own individual access codes, none of which we can remember, that the whole system is screwed. Welcome to the digital age.
This realisation often hits me because my kids are into Roblox. They have their usernames and passwords but, when playing Roblox on the Xbox, I often have to login to my Microsoft Account. I can never remember the username or password, but have it stored on my phone in a list of usernames and passwords that now runs to about ten pages (not that I ever print them out).
So the process goes: “dad, can you log us in?”
Me: “Sure”
I try to login and the first thing that happens is that it asks me to send an SMS to verify my identity. I do not have my phone, so I go back to my office to get the phone. Then I go back to the lounge to enter my username and password on the Xbox using the TV remote control.
It’s a really annoying process, and this is just one example.
A worse one is my banking.
I’m trying to transfer money from Wise to my landlord – yes, I am renting in Poland – and because it is from a business account, Wise asks for proof that it is me. They want me to upload a bank statement or similar, so I go to my bank and have several issues.
First is that I cannot login. Maybe it’s my browser but, after entering card numbers, PINs and more, they keep coming back saying there’s an issue. That’s online. So I try the mobile app and successfully login, but the app cannot show me any bank statements. Then, when I finally do get to download a bank statement, it says The Director of the Finanser Ltd, rather than Chris Skinner. It’s just darned annoying.
These are just two illustrations of how security does not work today and I wonder how many times do you go to a website and can’t remember the username and password? More than this, we get more and more barriers to access, such as face identification or fingerprint.
IDENTIFICATION, VERFICATION and AUTHENTICATION IS BROKEN
When we talk about Intelligent Finance, we need processes that recognise us for who we are, without having to jump through hoops to access. We need to remove the barriers.
The problem with this is that without barriers, there is no security. It is a balance between security, barriers and access. Without high security, you cannot access. But the basis of 2025 security systems are fundamentally flawed.
So, what’s the answer?
The obvious answer is digital identity that gives a single sign-on, forget all of this f multi-factor authentication (MFA) or two-factor authentication (2FA). What we need is simple sign-in. How would this work?
Well, I argued about this years ago, and cannot believe we have not solved the issue. The fact is that it is simple, using today’s technologies, to identify who I am, where I am, what I’m doing and why I need access. It should be seamless and flawless, and it seems unbelievable that in 2025 that we are still using systems of identification invented in the 1960s (some would say invented by the Romans 2,000 years ago).
The fact that nearly all of my usernames and passwords have been breached, hacked, leaked and lost is also a key part of this. There is no security. In other words, we keep raiseing barriers to access without addressing the weaknesses. For banks and other companies like Microsoft with the Xbox, you’ve made it harder for me to verify that I am me, whilst doing nothing to secure me from being hacked or breached.
So, what’s the answer? Put chips inside people or why don’t we try DNA? After all, if I can spit on my phone and gain immediate access, that’s far easier and, reference point, I’ve always wanted to spit on my bank.
* The inventor of the ATM, John Shepherd-Barron, credits his wife, Caroline Shepherd-Barron, with the idea to simplify the PIN to four digits instead of six because she could only remember four numbers. The four-digit PIN has become the global standard for ATMs due to this suggestion.
Chris M Skinner
Chris Skinner is best known as an independent commentator on the financial markets through his blog, TheFinanser.com, as author of the bestselling book Digital Bank, and Chair of the European networking forum the Financial Services Club. He has been voted one of the most influential people in banking by The Financial Brand (as well as one of the best blogs), a FinTech Titan (Next Bank), one of the Fintech Leaders you need to follow (City AM, Deluxe and Jax Finance), as well as one of the Top 40 most influential people in financial technology by the Wall Street Journal's Financial News. To learn more click here...