The one area where companies could get the most immediate value for their security budget is with stronger authentication. In the mentioned note Pescatore states:
LiveEnsure is trying to remove the barriers to multi-factor authentication to make stronger security available to everyone. LiveEnsure™ is embracing digital device fingerprinting technology for authentication with Digimetrics™, our patent-pending technology based on a synthesis of multiple factors. The "fingerprinting" data is challenged "outside" the browser, its data is *not* shared, and the process is session/commerce context specific, i.e. purpose-built keys - the "smarter" and "safer" version of a universal fingerprint. This architecture is based on years of study - finding that trusting purely general-built keys is great for convenience but not worthy for security.
LiveEnsure™ sits in the gap - providing strong, real-time authentication, using a universally unique digital footprint of a laptop, ipad, device or smartphone. There is nothing for the user to download, install and no out of band/dongle/token to look after. The login process is seamless the clever device recognition happens without the user being aware, checking the device fingerprint in real time as part of a secure triangulation.
Full Note Link below:
http://blogs.gartner.com/john_pescatore/2010/12/17/the-future-of-passwords-put-all-your-eggs-in-one-basket-and-really-really-watch-that-basket-or-stop-using-eggshells-as-the-foundation-of-e-commerce/
