Insurance quotation website 3XD to try life without passwords

Passwords were supposed to boost customer safety, but one firm has dec ided to ditch them

Insurance quotation website 3XD to try life without passwords

Technology

By Paul Lucas

Online security has arguably never been more important with a sharp rise in cyber breaches in recent years.
The most basic form of security, of course, is a password – something unique that will at least shield us from primary level attacks. 

However, now it seems that the days of the password may be behind us – at least in the eyes of one insurance-focused firm.

3XD, the business-to-business insurance quotation website, based in Preston, Lancashire, has decided to cast aside passwords over concerns about customer safety. David Fulluck (pictured), chief executive of the company, which has been in operation since 2006 and provides brokers across the UK with insurance quotations, believes that a change was necessary given the current environment.

“Like most businesses in the financial technology sector, we’re acutely aware of the alarming level of hacking and data breaches which occurred in 2016, and feel security has to be tightened up urgently,” he explained. “But until now, the big question has been - how?”

Want the latest insurance industry news first? Sign up for our completely free newsletter service now.

The answer to that question has come in the form of Shayype, a fintech firm that takes static passwords out of the equation because everyone logs in with a different code each time – theoretically making it more difficult for hackers to capture unique passwords and reuse them. 

“Efficiency on its own is not enough these days,” added Mr Fulluck. “We need to offer a far higher level of security alongside. At present, we use industry-standard usernames and passwords, and while right now there’s perhaps no great risk to our subscribers’ security, we’re keen to raise the bar on behalf of ourselves and the entire sector in which we operate.

“Most of the information security specialists out there seem to push either outdated ‘2-factor’ hardware that users have to carry, or texting codes to mobiles - a practice now frowned on by many experts, as it’s so easy to take over another person’s mobile account.

“Our website is currently undergoing a major overhaul and trialling Shayype later this year will be part of that. We will test the system internally at first and then roll it out as an option to subscribers.”

Shayype uses dynamic login codes each time, with the firm noting that it is “about to launch” a programme of user trials via an online test facility.

 

Related stories:
Yahoo discovers another data breach, reveals one billion accounts exposed
Social media and webcams at work pose cyber threat: Symantec

Keep up with the latest news and events

Join our mailing list, it’s free!