What is Multifactor or Strong Authentication Software?
Multifactor Authentication Solutions and Strong Authentication Software use two or more factors to authenticate a user. Strong authentication often refers to One-Time-Password (OTP) methods where the password is sent via SMS to the user’s cellular phone. The phone is the second factor in this case (something the user has). Different factors may be used in authenticating the user such as voice recognition (something the user does) and face recognition (something the user is).
In contrast to multifactor authentication, the familiar username/password authentication is an example of single-factor authentication; something the user knows.
It should be understood that the authentication factors are controlled by the user:
- Something the user knows
- Something the user has
- Something the user does
- Something the user is
Corresponding digital technologies built to evaluate the authentication factors include:
- Comparison – does the username/password match the stored values?
- Electronic Devices – does the token value or received SMS OTP match the expected value?
- Voice Recognition – does voice characteristics match the enrolled template?
- Face Recognition – does the image characteristics match the enrolled template?
Of course, there are many other technologies like fingerprint, palm-print, iris, eye-twitch, etc.
The authentication factors are based on a fundamental assumption of trust. As long as the user CAN BE TRUSTED NOT TO ABUSE their control of authentication factors, your data is safe.
Malicious insiders have been identified as a group of individuals that can do great harm to institutions and ABUSE their control of credentials; criminals in control of credentials.
Using any of these factors alone will not identify a user. In the case of something the user knows, knowledge can be shared. In the case of electronic devices, they can be loaned, stolen or the information can be shared. In the case of voice recognition, recordings can be stolen and given away. In the case of face recognition, images can be stolen and given way.
The Veritrix Multichannel, Multifactor Authentication includes Audio/Visual (A/V) speech recognition, voice recognition, face recognition, OOB communications and a random phrase unique to the login attempt. The use of face recognition insures the malicious insider knows they are identified as they speak. The use of speech recognition insures no copies are accepted.
These and other implementation details insure it’s the user and only the user.
Identity Verification at its Strongest – Veritrix System Solutions