India leads in adoption, usage of multi-factor authentication, finds Thales

India has the highest percentage increase of multi-factor authentication (MFA) adoption and highest overall percentage of MFA usage among all countries, according to a new industry report, which added that with a 19-percentage point rise, MFA usage in India in 2022 was recorded at 66%, as compared to 56% globally. 

The Thales Access Management Index 2022 conducted by research firm 451 Research, said, India’s 19 percentage point rise, is followed by Singapore with a 17-percentage point increase in adoption to 64%, and UAE with a 10-percentage-point increase, to 65%," said Thales Access Management Index conducted by research firm 451 Research. 

MFA is a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user’s identity for login, such as passwords, personal identification numbers (PIN), answers to supposedly secret questions (such as “Where were you born?” or “What’s your favourite pet’s name?” and so on).  

“The strong growth in adoption of MFA in India points towards greater awareness and a commitment towards ensuring high levels of security in enterprise environments,” Ashish Saraf, vice president and country director at India at Thales said. 

The report further stated MFA adoption is on the rise for internal and non-IT staff with MFA adoption increasing to 40% in 2022 as compared to 34% in 2021. Also, the global MFA usage was highest at 68% in remote workers. It was followed by 52% of the privileged users. 

The report also points to the fact that with the rise in MFA adoption, the number of professionals globally with very high concerns about the security risks of remote work decreased to 31% in 2022 from 39% in 2021. At the same time, 84% of IT professionals showed confidence in their user access security systems to enable remote work securely and easily, as against 56% from a year ago.  

However, no cybersecurity technique is full-proof, as MFA tools are increasingly being targeted by threat actors with MFA bypass attacks, according to American identity and access management company Okta, which saw a record number of attacks targeting MFA in the first half of 2022, which underscores the importance of correctly installing MFA and in selecting strong secondary factors, it said. Okta observed more than 100 million MFA attacks through its Auth0 platform in the first 90 days this year, according to its latest State of Secure Identity Report.  

Other security techniques are also gaining widespread popularity in recent years. In 2021, Zero Trust Network Access/Software-Defined Perimeter (ZTNA)/(SDP) was the top choice, selected by 44% of respondents globally. In 2022, ZTNA was the second choice at 42 per cent.  

Under the zero trust model, all the users, whether in or outside the organisation’s network, are required to be authenticated, authorised, and continuously validated for security configuration before being granted or keeping access to applications and data.  

“A greater shift towards a Zero Trust model would certainly place access management in a central role in corporate security strategies, with a related reliance on MFA as a critical supporting enabler,” Garrett Bekker, principal analyst at 451 Research said.