What is 2FA?
Two-Factor Authentication, also known as 2FA, is a technology patented in 1984 in which the user provides two means of identification from separate categories of credentials. It adds an extra step to a user’s basic log-in procedure.
Something you know
Username & Password
Something you have
Such as a Mobile Device
Something you are
Using Biometrics Technology
Something you do
What is the Need?
Having a second form factor of authentication helps protect user credentials against phishing attacks carried out as Man-in-the-Middle or Man-in-the-Browser.
Just like old times, passwords still guard access to applications and sensitive data, and mobile devices are no exception. We've bought into the idea that a password, so long as it's elaborate enough, is an adequate means of protecting all this precious data. Passwords are as old as civilization. And for as long as they've existed, people have been breaking them.
How does it work?
There are various form factors available in a particular solution. The most common form of second-factor authentication is when the user receives an SMS with a security code. Whilst 2FA is much more than SMS security, in recent times Fusion Biometrics is making its way into the authentication field.
Out of Band Token
What is Out-Of-Band Authentication
Out-of-band authentication is when two networks are accessed simultaneously in order to authenticate a user. This method has proven to be most effective when a fraudulent user gains access to a user’s account. With Out-of-Band Authentication, any transaction will fail to complete without access to the second authentication network.
Say John wants to make a payment on his internet banking. He receives a push notification via his mobile network confirming that a transaction is being made. John approves this transaction and sends the notification back via his secondary network, the mobile network.
We have been used to out-of-band authentication since before the popularity of e-commerce. Remember the days when a call to a customer from a bank manager verified that a faxed payment instruction, purportedly signed by the customer, was in fact genuine? This is an example of out-of-band authentication.
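The out-of-band approval from the John example, sketched as an added example (not part of the original article or of any product's code): the payment is parked on the web channel and only completes when the enrolled phone returns an approval bound to the transaction details. The HMAC key shared at enrollment and the names `Bank`, `phone_approve` and `demo` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class Bank:
    """Server side: parks each payment until it is approved out of band."""
    def __init__(self):
        self.device_keys = {}  # user -> key shared with the enrolled phone (assumption)
        self.pending = {}      # txn_id -> (user, details)

    def enroll(self, user):
        key = secrets.token_bytes(32)
        self.device_keys[user] = key
        return key  # stored on the user's phone at enrollment

    def start_payment(self, user, payee, amount):
        # Primary channel (web session): the request is recorded, not executed.
        txn_id = secrets.token_hex(8)
        details = f"{txn_id}|{payee}|{amount}"
        self.pending[txn_id] = (user, details)
        return txn_id, details  # details go to the phone as a push notification

    def complete_payment(self, txn_id, approval):
        # One attempt per transaction: it is removed whether or not approval verifies.
        entry = self.pending.pop(txn_id, None)
        if entry is None:
            return False
        user, details = entry
        expected = hmac.new(self.device_keys[user], details.encode(), hashlib.sha256).digest()
        return hmac.compare_digest(expected, approval)


def phone_approve(device_key, details):
    """Second channel: the phone shows the details and, on approval, tags them."""
    return hmac.new(device_key, details.encode(), hashlib.sha256).digest()

def demo():
    bank = Bank()
    johns_phone_key = bank.enroll("john")
    # Constructed scenario 1: web session only, no phone; a made-up approval is rejected.
    txn, _ = bank.start_payment("john", "ACME Ltd", "250.00")
    without_phone = bank.complete_payment(txn, b"\x00" * 32)
    # Constructed scenario 2: John approves the pushed details on his phone.
    txn, details = bank.start_payment("john", "ACME Ltd", "250.00")
    tag = phone_approve(johns_phone_key, details)
    approved = bank.complete_payment(txn, tag)
    replayed = bank.complete_payment(txn, tag)  # same approval again: already consumed
    return without_phone, approved, replayed
```

Because the approval covers the payee and amount, an approval given for one payment cannot be reused for a different one.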