Zero-Touch and Zero-Trust – it’s a perfect marriage

The Banking industry is one built on the concept of Trust. There was a time – not that long ago – when we habitually wrote cheques to pay for goods or services and used pieces of paper known as ‘Bankers Drafts’ to cover even larger purchases. Within the banking and investment world, brokers and dealers commit funds and settle millions of accounts on trust every day.

Sadly, those were the days before the emergence of cyber-crime. Today, when it comes to trust, the banking world and many other industries, are heading in the reverse direction and are looking to create “zero trust’ environments.

In a zero-trust environment, everyone and everything has to prove who or what it is when making a request of the network. It makes no difference whether that request is coming from outside of the network, or from someone on the inside – or at least someone appearing to be on the inside. Each request needs to be verified, authenticated, and tested before it can be trusted.

The very real threats of identity theft and, so-called, spoofing, have led directly to the adoption of these zero-trust environments and networks where trust always has to be earned, rather than assumed or inherited, before it can be granted.

Meanwhile, in the physical world, the impact of the COVID-19 pandemic has been to create a desire for a Zero-Touch world. Contactless payments are now the preferred choice of many shops and shoppers; and keyless entry and exit systems are being adopted in offices, factories, hotels, and even schools. We have also written before about how QR codes are now being used in bars and restaurants to replace high contact surfaces such as food and drink menus.

So, what happens when Zero-Touch, meets Zero-Trust? Well, perhaps surprisingly, the answer can be a perfect marriage. Systems like our patented Onescan solution are perfect for proving and verifying identity. And the solution can work equally well within both the physical and the virtual worlds.

We’ve written many times about the impending PSD2 banking regulations coming into force across Europe. These will involve much more stringent authentication processes to verify purchases above €30. Our Onescan solution meets these requirements by using a secure combination of who you are, what you own, and what you know to authenticate a transaction that is triggered by one of our specially created tokenised QR codes.

These codes can be displayed on screen, printed on signs, or displayed on cash points and terminals, and all it requires is the camera on your smartphone to initiate the process that allows you to verify identity and authorise an exchange.

This process translates perfectly to a Zero-Trust environment – secure remote system log-in can easily be supported via Onescan. Even from within the network or the office complex, access to certain files or data or even areas of the building could be granted based on Onescan authentication. What’s more, this can all be achieved using tools that the potential users already own.

So, rather than mourn the loss of trust that has led to the need for these Zero-Trust environments; rather we should celebrate the Zero-Touch innovation that can enable them to exist.