eBay Revamps Security Protocols. Should Your Business Follow Suit?

Internet companies are always seeking ways to improve and ease the experience of their customers and clients. Take, for example, eBay. The famous reselling site has been taking steps to install an assortment of new features to improve its customers’ experience.

eBay refers to the first of these recent improvements as “One Time Password,” which takes the second factor of two-factor authentication and turns it into a single factor. Rather than requiring account holders to remember a password, eBay will send a confirmation code to a user via SMS, which will keep the user logged in indefinitely after using that code to log in, regardless of whether the code was entered on a mobile device or desktop solution.

Additionally, eBay is hard at work to allow account authentication through the Touch ID sensor found in newer Apple devices--also replacing the need to remember a password for those who use Apple products.

According to eBay's Senior Director for Identity and Member Communication Product Management Dave Comer, “One Time Password and Touch ID Authentication eliminate the need to remember your password when you want access to the eBay Marketplace... We all use so many applications that require passwords and login information that it is impossible for users to remember them all. We want to eliminate the friction entirely."

While eBay’s reasoning makes sense, one has to wonder about the security of the transactions made by users with such features in place. After all, all it would take to become a victim of a crime, or even a prank with ramifications far beyond the prankster’s expectations, would be for an employee to leave eBay open on an unlocked workstation. While remembering passwords may be difficult, that difficulty is ultimately to the user’s benefit, as a difficult-to-remember password is harder to guess, thereby being inherently more secure.

The advancements eBay has proposed come with increased functionality for those who use Android Wear devices in conjunction with eBay. Android Wear users will soon be capable of receiving notifications to their wearable that direct them to items that may pique their interests, as well as read and respond to messages via their smart device.

This, too, brings up account security questions. Wearable devices are notoriously less secure than mobile ones, and even less than desktop solutions. Therefore, unless eBay has implemented some serious security measures, these innovations may be wise to pass on until more evidence is available regarding their security.

So what does this mean for small and medium-sized businesses? A whole lot, actually. Many agencies take advantage of two-factor authentication by implementing security systems in which the user’s smartphone receives a code when logging into the network. That way, not only a password is required to get access to your data, but also access to that user’s mobile device as well. Plus, new physical security solutions like pin pads and smart door locks can now be unlocked directly with a registered employee’s smartphone.

For more information and advice on how to handle network security in your own operations, be sure reach out to SMART Services at 586 258-0650 .

Let Smart Services position your agency for tomorrow’s technological challenges. For 25 years, Smart Services has helped agencies across the U.S. face a changing environment by providing innovative technology solutions that allow agencies to focus on growing their business. MyAGENCYcloud, our complete cloud solution, covers all your technology needs in the cloud or at your agency. In today’s competitive environment, it’s time to make your agency technology a strategic asset, instead of a liability. Let us show you how. To learn more, please call our expert agency technology advisor at 586-258-0650.