In doing so, MFA encompasses a broader mix of authentication factors. And it could be argued that it does not technically vary from the definition of 2FA, which is a numerical subset of MFA.
But here’s the nuance: MFA implies a more evolved and non-constrained approach, with a higher proclivity to leverage biometric capabilities on the smart devices we all own. Multi-factor authentication (MFA) is effectively any broad mix of more than one factor. What is multi-factor authentication (MFA)? You were at a lower level of security, and now you’re at something higher. You were one factor, and now you are two. You “step up” to a higher level of security.
2FA and step ups are the historical foundation for multi-factor authentication. And it follows that if you log in with a password to start, then the act of performing a second factor OTP is a form of step-up authentication. You have now achieved what we refer to as 2FA. If your password is your first factor, then your OTP is your second factor. OTPs are still one of the primary 2FA methods in use to this day. Hackers have found ways to intercept these codes, but the principles of OTP possession have remained the same. Small, clock-based devices that could produce mathematically predictable codes enabled a simple proof: if you know the code, you must have the device.
Additional OTP methods such as email and SMS-based OTPs, as well as soft token OTP generators, also came to the fore. For the general public, the invention of one-time passcodes (OTPs), delivered primarily through hardware tokens, was our first foray into this secure new world. Biometrics was simply not an option.
At the time, the solution was to focus on the possession factor. Digital biometric technology like Windows Hello and Apple Touch ID didn’t exist yet. The ability to use biometrics was limited to police fingerprinting with an ink pad and paper. If you were seeking to solve this problem 20 years ago, which additional factor would you choose?
Well, if we cast our minds back to the turn of the century, you actually didn’t have much of an option. If all apps started with a password, then it was simply a matter of adding either a possession or inherence factor to the mix. What is 2FA and step-up authentication?
2FA is the addition of a second factor on top of your existing factor, typically a password. This was the beginning of 2FA and step ups. If you could combine more than one factor at a time, the classic methods of password hacking could be defeated.
Something you are: physical attributes like biometric markers
Something you have: physical proof, like a security key or device
So if the “something you know” password was no longer good enough, what other authentication factors can we use to build a stronger proof of identity? What are the three factors of authentication? The most basic security requirements needed to protect consumers shifted markedly overnight, and the pressure was on security developers to combat the massive rise in online fraud. So easily guessed, keylogged, stolen and “stuffed.” Criminals immediately saw opportunity and began hacking. It was, as we all now know, a global business revolution.
And yet the only security option available at the time was the humble password! Just one single, solitary factor. Businesses everywhere started publishing web apps, from simple retail sites to major high-street banks.
Key differentiators of 2FA, MFA and SCA
After the World Wide Web went live with the first web page published at CERN in 1991, it turned very quickly from a document sharing system to the foundation for a full-fledged digital application channel.
What is strong customer authentication (SCA)?
What is multi-factor authentication (MFA)?
What is 2FA and step-up authentication?
What are the three factors of authentication?