Everyone who was ever logged into any online account understands the basic premise behind providing a username with an associated password to gain entry. However, we rarely consider just how lame the process is based on the basic security it provides. Stolen or lost passwords and unauthorized access to personal data is a huge problem. Illicitly gained passwords allow instant access with login credentials, which can provide the hacker the ability to take control of an individual’s bank account, Twitter page, or whatever is being protected online. Because of this, many companies incorporated multi-factor authentication (MFA) into the process to beef up security to a much higher level.
Why Multi-Factor Authentication Works
Any cyber-thief that is armed with an individual’s confidential banking information can easily steal money from the online account. However, with this information the hacker has limited access in the physical world. He or she simply cannot walk up to an ATM to withdraw money, simply because they do not also have the necessary PIN (personal identification number). It is because of the second layer of credibility that the hacker is stopped in his or her tracks standing at a physical machine in an attempt to withdraw cash. It is the PIN number that provides a second factor of authentication that verifies the credibility of the user.
An ATM PIN number is the easiest way to describe multi-factor authentication. It is based on two specific factors that include “something you have” (the ATM card) along with the second factor of “something you know” (the PIN).
However, an additional factor could have been used instead of “something you know.” An alternative factor could include “something you are.” Many modern-day laptops and even some newer smartphones are built with fingerprint scanners that will take a biometric measurement to determine the authenticity of the user attempting to gain access into the system. Additional biometric options include facial recognition, iris scans, handwriting analysis and voice patterns. Any one of these biometric measurements is nearly impossible to duplicate, which maximizes the potential of multi-factor authentication.
Multi-Factor Authentication in Smart Phones
Many companies, including Google, are coming up with creative ways of using smart phones to provide a one-time access security code. By launching the application inside the smart phone, the user simply enters the code that is being currently displayed in the prompt on their laptop, desktop, or mobile device to gain access into a restricted account.
Many banking institutions use a variety of cell phone-based systems as a way to verify the users making financial online transactions. Before the transaction can be approved, the bank will automatically send an instant text message to the user’s smart phone – the number that is on record – and wait for the user to enter the displayed code located within the message. However, this method of MFA has the potential of being defeated if both the connecting device (PC, laptop, etc.) and the cell phone have been breached or compromised using malware. It can also be defeated if the thief is able to change the user’s smart phone number that is on record with the banking institution. To avoid this, any online user simply needs to keep crucial antivirus safeguards up-to-date.
Security Token Devices
Many businesses choose to use security tokens to provide an additional verification as their method for multi-factor authentication. Typically, these hardware devices will generate a security code that continually changes. The token is synchronized with the server at the company so that they both understand the exact password that should be typed in at that specific moment. These hardware tokens are the ideal solution for many individuals that work from remote locations where phone reception might be impossible.
Additional security token devices include a USB gadget that will automatically type in a single-use password with the touch of a button. Some of these devices also allow for authentication through a scanned fingerprint through the USB port.
Access from Remote Locations
Many workforces are now dispersed in remote locations around the world. Employees now telecommute, performing their duties at home, or on the road. Because of this, companies require basic applications that manage access into the secure regions of their intranet, or while allowing their workforce to gain access to locations across the Internet.
Multi-factor authentication is the single best method to provide secure access to employees from remote locations. Overall, MFA helps to reduce any potential for a breach in security. It can be provided in a variety of ways from magnetic stripe cards, virtual tokens, one time solutions, soft tokens, audio port tokens, smart cards or access through the USB port.
The future use of multi-factor authentication appears to be bright. It provides an easy solution to prevent fraudulent identity attacks and illicit actions. It can do this because it makes it extremely difficult for any hacker to siphon away crucial data or steal the information of an individual.