Accelerate

Multi-factor Authentication Demystified

You have probably come across the term multi-factor authentication at some point. It is an IT buzzword today and is fast becoming one of the best practices of cybersecurity. But some may still be wondering, what is multi-factor authentication, exactly?

Multi-factor authentication, as fancy as the term sounds, is just multiple barriers to data access which adds to the security component. In simple terms, imagine, your data in a box and that box fit into another, and then into another–all with locks. It is basically adding layers of security to your data. In fact, we are already experiencing multi-factor authentication on a regular basis. For example, when you want to make a transaction online using your banking portal, chances are, it sends you an OTP (one-time-password) to your mobile number that’s registered with your bank. Some banking portals also ask you for the grid numbers on the back of your debit card, some online transactions using credit cards ask for CVV or expiration dates.

Even Microsoft, Gmail, Facebook, and LinkedIn use multi-factor authentication when they see unusual activity in your accounts such as a first-time log-in from a device you haven’t used before, or a log-in at a time that you don’t usually access your Outlook, Gmail, Facebook or LinkedIn accounts. Going beyond OTPs, Facebook takes multi-factor authentication a notch higher by asking you to identify a couple of your friends on Facebook or your most recent profile picture.

In other words, Multi-factor authentication (MFA) is an authentication process that a user must present at least two pieces of evidence in order to gain access to the desired program. These proof of evidence could include examples such as: a question only the user may know (Who was your third grade teacher?), entering a code that was sent to the user’s phone via text or call, or verifying access through a third party app. In simpler terms, that means,

  • As the first layer of security, we have passwords, answers to security questions, PIN numbers etc.,
  • The second layer includes authentication methods such as OTPs, security tokens, access cards, etc.,
  • The third, and final layer is something personal to the user. Examples include biometric validation such as an eye scan, fingerprint scan, voice commands or facial recognition.

So, even something as simple as withdrawing money from an ATM has you going through the multi-factor authentication process. You need to key in your PIN number and use your debit card to be able to transact successfully. With cybercrime being rampant, businesses cannot rely on the old school access authorization methods using a single password or PIN. Contact us today about setting up a strong, reliable, multi-factor authentication system to help keep your data safe and resilient against malicious activity.