From Two-Factor to Multifactor Authentication, Why bother?


Authentication has always been the most important step in the levels of verification needed when an identification set (ID) is presented with a request for access to data. The four steps in the process are Identification, Authentication, Authorization, and Accountability (IAAA). In the not-too-distant past, having a complex password was thought to be sufficient to authenticate an ID and allow access to sensitive and personal data. But times have changed.
To access many internet services and to protect personal data and that of corporations, two-factor authentication has been widely adopted by many companies.
What is two-factor authentication? It is based on the rule: something you know, and something you have. So apart from your ID, something you know would be your password. Something you have would be a token, like an RSA key fob that generates a unique one-time token.
Multi-factor authentication builds on the complexities of two-factor authentication and requires additional steps of verification. Therefore, in addition to something you know and something you have, multi-factor authentication involves something that you are, like fingerprints, iris scans and facial geometry. Additional factors may also be your unique IP address or MAC address. The last requirement would tend to verify the company you are associated with, and your location. However, one would also need to consider that IP address and location can be skewed by using virtual private network connections and proxies. Additional factors for multi-factor authentication can be something you do. This last factor relates to digital signatures, pattern unlock and CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart).
The benefits of implementing multi-factor authentication versus two-factor authentication are not hard to see. Ecosystems exposed to today’s sophisticated attacks need to have several layers of verification. But the question might be asked: does multi-factor authentication enhance the business function? This must be carefully considered for each business. Depending on the environment and the sensitivity of the data being accessed, various factors may be used to authenticate an ID, or just one additional factor beyond basic two-factor authentication.
What are some key components or factors that should be considered when implementing two-factor or multi-factor authentication? Make sure to differentiate between two-step verification and two-factor authentication; they are not the same. It is best to deal with companies and methods that adhere to the FIDO U2F standard. Always remember that two-factor authentication is not impervious to threats.
While it is convenient, for example, to send a random number or code via SMS to your smartphone, technically this verification method is much easier to compromise than having an RSA key fob synchronized to a database that does not require your phone service to function. A multi-factor method that is gaining popularity is Apple’s Touch ID. Yubico is another company that has USB hardware devices that allow authentication by touch.
Multi-factor authentication, as indicated before, is a step up from two-factor authentication: it increases the number of independent factors needed to verify an ID. As threats increase in their level of sophistication, it is necessary for corporations to incorporate multi-factor authentication in their overall Identity and Access Management programs.
Individuals should take the time to apply at least two-factor authentication to social media websites, communication devices and services. Corporations and individuals would do well to step up the levels of protection by implementing multi-factor authentication methods for access to sensitive and personal data.
