From pictures to passwords: the rise of emoji authentication
With the language firm Today Translations recently announcing that it is hiring its first Emoji translator, the evolution of emojis from a novelty into a part of today’s digital world and generation is clear.
Through the use of facial expressions and pictures, emojis have created a universal language which can be understood by people the world over. In fact the ‘Faces with Tears of Joy’ emoji was chosen as the Oxford Dictionary’s word of the year, just in case you’re questioning its linguistic legitimacy. Inevitably, the new alphabet and subsequent language is finding interesting new uses, with the potential for improving security, and more specifically passwords, possibly being an exciting avenue for emojis.
Currently, and on the command of internet security experts, we create passwords that are a puzzling combination of upper and lower case letters, numbers and symbols; all the while, different for every single account in our name. As the complexity of passwords leads them to become more difficult to remember, this in turn leads to security issues, such as people committing the cardinal sin of writing down or saving passwords on unencrypted documents.
With their rising popularity, memorable images and wide range of characters, emojis are an interesting choice of symbol for the authentication process.
Given that there are nearly 3.5 million unique permutations of 44 non-repeating emojis compared to the 7,290 of four non-repeating numbers and a whole host of branded emojis all the way from Kim Kardashian to Disney, you could be forgiven for thinking that this may lead to even more confusing variables. But actually because of their unique, distinctive and instantly recognisable nature, the variables might not only make it harder for fraudsters to hack accounts, but potentially make it easier for us to remember.
But how would this work for business? If a picture paints a thousand words then the 3.5 million that emojis paint could be soon adopted by companies and organisations. Before they do this though, it might be worth considering whether customers would only be using mobiles or tablets where the emoji keyboard is easily accessible for the authentication process. If so would – would people only be able to login on tablets and mobiles or would they need to have two logins for both platforms? Or perhaps it may not be long until we see real life emoji keyboards for computers.
Using emojis could well be a method of getting the remaining few stragglers on to online banking. In the US where there is a slower adoption, security and password fears make up part of the reason why people resist.
But is the emoji really the answer? Given the high rate of visual recall, we could be led to believe that this could end the blight of password resets, after all who could forget the smug, yellow, tears of joy face? However the problem for emojis lies in whether this is a feasible move for online authentication.
If emoji passwords are going to work, a meeting point needs to be found between the security benefits and the practicalities. Given that device agnostics are a simple solution that has already been presented to the market, now could be the time to strengthen the authentication process. But with the rise of emojis and the continued evolution as a universal language we may see them infiltrate our lives more and more.