Connect with us

Politics

Social Sign-on: Sure, it’s convenient. But is it really safe? – ReadWrite

Published

on

social sign on's


Remembering passwords is always a hassle, especially when you have innumerable websites that require logging in to view or interact with their content. To make the process simpler (as little as a couple of clicks), webmasters worldwide have accepted and implemented social logins on their websites.

Social Sign-on: Sure, it’s convenient. But is it really safe?

So, what exactly is social login? How different is it compared to the traditional method of inputting your credentials such as username, email address and password manually? More importantly, is it safe enough for use on all kinds of browsing activities?

Disadvantages of Social Sign-On

In this article, we answer all the above questions and more, helping you understand what social sign-on is, and what the disadvantages of this convenient method are.

The history of social logins

Social sign-on as a method of hassle-free authentication has been around for over a decade now. Back in the nascent days of the modern internet in 2008, Facebook launched Facebook Connect, a service aimed at simplifying registrations on websites.

Once webmasters enabled FB Connect on their websites, visitors to the site would no longer need to fill up lengthy registration forms to sign up for the website’s offerings.

All they needed to do was connect their existing Facebook account to the website, enabling direct access to the site with a click of a button.

In 2009 and 2010, Twitter and LinkedIn respectively enabled their users to socially login to other sites using their existing social network credentials.

Google+ followed suit in 2011, and although no longer active as Google+, it still supports social sign-on using a Google account.

While it all sounds very convenient, social sign-on has many drawbacks and challenges that impact both website visitors and website owners.

Social Sign-on: The challenges and disadvantages

The Trust Factor

Most internet users do not trust the websites they browse to store and utilize their personal information safely and responsibly. Often, website visitors are concerned about how the information they have shared will be used.

In a June 2020 survey conducted by Insider Intelligence, 32% of US Facebook users felt that they somewhat disagreed that the platform could keep their data and privacy secure.

Not everyone has the time or patience to read the data handling and privacy policy put forth by a website, so they simply choose to be cynical of the data they share on such sites.

Data Accuracy

People tend to be wary of the private information they share online; they often resort to uploading falsified or inaccurate information about themselves on social media.

Considering that these social media sites do not verify or vouch for the authenticity of their user’s information, this could be less than ideal for a website looking for accurate data while accepting new user registrations.

In 2019, Facebook released data that said that 16% of the accounts on its platform are fake/duplicate accounts created by individuals or companies. What’s more worrisome are the findings of the research team at NATO StratCom that suggest 95% of the reported fake accounts still continued to remain active, with no action taken by the social media website.

With no checks on the actual profile that’s being used to socially sign-on to your website, you could soon have an imposter, Donald Trump or Joe Biden signing up for your global warming newsletter or purchasing a bag of your freshly powdered Mexican coffee.

Not everyone’s social — nor on social

While we talk about social media, we need to understand that although it is a global phenomenon with an insanely large number (read 3.6 billion) of people using it, there is still a sizeable chunk (>50%) of the population that is not on social media.

Using a restrictive method, you risk alienating a section of society that could be your potential target audience.

Transfer of Power

Enabling social sign-on seems pretty enticing at first, considering it would cut down your authentication work significantly. But this very ‘benefit’ could end up costing you dearly, as you lose control over your visitors’ data to a third-party service provider, i.e., the social media network.

Should there be any downtime at the social media service’s end, your website visitors would be stranded, unable to login to your site or access their data?

Access Control Issues

Many internet access places tend to have controls in place when it comes to accessing social media. For example, corporate and educational networks generally block access to social websites. Certain countries like Iran, China, Syria, and North Korea have blanket bans on the most popular social websites.

Social sign-on still depends on an API call-back to the social networking site to authenticate the user. Thus, by having social sign-on set up on your website, visitors authenticating on your site through these networks would end up facing a website with broken functionality.

Security concerns

Social media accounts are often the target of several hacking and phishing attempts. Thus, if your user’s social media account is hacked, it could lead to their account on your site being compromised as a result.

A University of Maryland study revealed a hacking attempt every 39 seconds on average, affecting a third of Americans every year.

Hacked social accounts could have an adverse impact on your website as well, by performing activities that might eat up your server resources or corrupt your files, if your security is not up to the mark. Secure authentication is the need of the hour, and knowledge of the security practices will help solve these concerns.

Too much to choose

People use many social media websites, so keeping a single social login can be counterproductive. However, providing multiple methods to login could likely confuse or overwhelm your visitor, leading to lower conversion or sign-up rates.

Lesser data to work with

Using a social sign-on for your website would mean limited access to user data, especially email. Not every social media network allows websites to access the customer’s email address. For businesses that rely on customer information for lead generation, this would be a major deal-breaker.

Awareness of all the security practices and malpractices (sawolabs dotcom) will help educate users as well as the website owners.

If not social sign-on, then what?

All the above drawbacks would make webmasters question the efficacy of social sign-on. But then, is there a better alternative that does not include such shortcomings?

Say hello to passwordless authentication powered by SAWO Labs. A new-age solution designed to address all concerns of security, compatibility and functionality.

Image Credit: yellow graphic — from author; thank you!

 Top Image Credit: karolina grabowska; pexels; thank you!

Akshay Shetye

Akshay Shetye

“SAWO – Secure Authentication Without OTP – is a B2B2C service-based company whose API Integration enables one-tap authentication on your app (Android, iOS) and web to provide a passwordless and OTP-less authentication experience. We are a secure, sustainable, and cost-effective solution to making a business passwordless and OTP-less.”

Politics

Fintech Kennek raises $12.5M seed round to digitize lending

Published

on

Google eyed for $2 billion Anthropic deal after major Amazon play


London-based fintech startup Kennek has raised $12.5 million in seed funding to expand its lending operating system.

According to an Oct. 10 tech.eu report, the round was led by HV Capital and included participation from Dutch Founders Fund, AlbionVC, FFVC, Plug & Play Ventures, and Syndicate One. Kennek offers software-as-a-service tools to help non-bank lenders streamline their operations using open banking, open finance, and payments.

The platform aims to automate time-consuming manual tasks and consolidate fragmented data to simplify lending. Xavier De Pauw, founder of Kennek said:

“Until kennek, lenders had to devote countless hours to menial operational tasks and deal with jumbled and hard-coded data – which makes every other part of lending a headache. As former lenders ourselves, we lived and breathed these frustrations, and built kennek to make them a thing of the past.”

The company said the latest funding round was oversubscribed and closed quickly despite the challenging fundraising environment. The new capital will be used to expand Kennek’s engineering team and strengthen its market position in the UK while exploring expansion into other European markets. Barbod Namini, Partner at lead investor HV Capital, commented on the investment:

“Kennek has developed an ambitious and genuinely unique proposition which we think can be the foundation of the entire alternative lending space. […] It is a complicated market and a solution that brings together all information and stakeholders onto a single platform is highly compelling for both lenders & the ecosystem as a whole.”

The fintech lending space has grown rapidly in recent years, but many lenders still rely on legacy systems and manual processes that limit efficiency and scalability. Kennek aims to leverage open banking and data integration to provide lenders with a more streamlined, automated lending experience.

The seed funding will allow the London-based startup to continue developing its platform and expanding its team to meet demand from non-bank lenders looking to digitize operations. Kennek’s focus on the UK and Europe also comes amid rising adoption of open banking and open finance in the regions.

Featured Image Credit: Photo from Kennek.io; Thank you!

Radek Zielinski

Radek Zielinski is an experienced technology and financial journalist with a passion for cybersecurity and futurology.

Continue Reading

Politics

Fortune 500’s race for generative AI breakthroughs

Published

on

Deanna Ritchie


As excitement around generative AI grows, Fortune 500 companies, including Goldman Sachs, are carefully examining the possible applications of this technology. A recent survey of U.S. executives indicated that 60% believe generative AI will substantially impact their businesses in the long term. However, they anticipate a one to two-year timeframe before implementing their initial solutions. This optimism stems from the potential of generative AI to revolutionize various aspects of businesses, from enhancing customer experiences to optimizing internal processes. In the short term, companies will likely focus on pilot projects and experimentation, gradually integrating generative AI into their operations as they witness its positive influence on efficiency and profitability.

Goldman Sachs’ Cautious Approach to Implementing Generative AI

In a recent interview, Goldman Sachs CIO Marco Argenti revealed that the firm has not yet implemented any generative AI use cases. Instead, the company focuses on experimentation and setting high standards before adopting the technology. Argenti recognized the desire for outcomes in areas like developer and operational efficiency but emphasized ensuring precision before putting experimental AI use cases into production.

According to Argenti, striking the right balance between driving innovation and maintaining accuracy is crucial for successfully integrating generative AI within the firm. Goldman Sachs intends to continue exploring this emerging technology’s potential benefits and applications while diligently assessing risks to ensure it meets the company’s stringent quality standards.

One possible application for Goldman Sachs is in software development, where the company has observed a 20-40% productivity increase during its trials. The goal is for 1,000 developers to utilize generative AI tools by year’s end. However, Argenti emphasized that a well-defined expectation of return on investment is necessary before fully integrating generative AI into production.

To achieve this, the company plans to implement a systematic and strategic approach to adopting generative AI, ensuring that it complements and enhances the skills of its developers. Additionally, Goldman Sachs intends to evaluate the long-term impact of generative AI on their software development processes and the overall quality of the applications being developed.

Goldman Sachs’ approach to AI implementation goes beyond merely executing models. The firm has created a platform encompassing technical, legal, and compliance assessments to filter out improper content and keep track of all interactions. This comprehensive system ensures seamless integration of artificial intelligence in operations while adhering to regulatory standards and maintaining client confidentiality. Moreover, the platform continuously improves and adapts its algorithms, allowing Goldman Sachs to stay at the forefront of technology and offer its clients the most efficient and secure services.

Featured Image Credit: Photo by Google DeepMind; Pexels; Thank you!

Deanna Ritchie

Managing Editor at ReadWrite

Deanna is the Managing Editor at ReadWrite. Previously she worked as the Editor in Chief for Startup Grind and has over 20+ years of experience in content management and content development.

Continue Reading

Politics

UK seizes web3 opportunity simplifying crypto regulations

Published

on

Deanna Ritchie


As Web3 companies increasingly consider leaving the United States due to regulatory ambiguity, the United Kingdom must simplify its cryptocurrency regulations to attract these businesses. The conservative think tank Policy Exchange recently released a report detailing ten suggestions for improving Web3 regulation in the country. Among the recommendations are reducing liability for token holders in decentralized autonomous organizations (DAOs) and encouraging the Financial Conduct Authority (FCA) to adopt alternative Know Your Customer (KYC) methodologies, such as digital identities and blockchain analytics tools. These suggestions aim to position the UK as a hub for Web3 innovation and attract blockchain-based businesses looking for a more conducive regulatory environment.

Streamlining Cryptocurrency Regulations for Innovation

To make it easier for emerging Web3 companies to navigate existing legal frameworks and contribute to the UK’s digital economy growth, the government must streamline cryptocurrency regulations and adopt forward-looking approaches. By making the regulatory landscape clear and straightforward, the UK can create an environment that fosters innovation, growth, and competitiveness in the global fintech industry.

The Policy Exchange report also recommends not weakening self-hosted wallets or treating proof-of-stake (PoS) services as financial services. This approach aims to protect the fundamental principles of decentralization and user autonomy while strongly emphasizing security and regulatory compliance. By doing so, the UK can nurture an environment that encourages innovation and the continued growth of blockchain technology.

Despite recent strict measures by UK authorities, such as His Majesty’s Treasury and the FCA, toward the digital assets sector, the proposed changes in the Policy Exchange report strive to make the UK a more attractive location for Web3 enterprises. By adopting these suggestions, the UK can demonstrate its commitment to fostering innovation in the rapidly evolving blockchain and cryptocurrency industries while ensuring a robust and transparent regulatory environment.

The ongoing uncertainty surrounding cryptocurrency regulations in various countries has prompted Web3 companies to explore alternative jurisdictions with more precise legal frameworks. As the United States grapples with regulatory ambiguity, the United Kingdom can position itself as a hub for Web3 innovation by simplifying and streamlining its cryptocurrency regulations.

Featured Image Credit: Photo by Jonathan Borba; Pexels; Thank you!

Deanna Ritchie

Managing Editor at ReadWrite

Deanna is the Managing Editor at ReadWrite. Previously she worked as the Editor in Chief for Startup Grind and has over 20+ years of experience in content management and content development.

Continue Reading

Copyright © 2021 Seminole Press.