Unit 2: Multiple Authentication Factors
Multiple authentication factors are security measures that require users to provide more than one form of identification to access their accounts or digital information. While biometric authentication is one way to implement multi-factor authentication, other methods do not rely on physical characteristics.
One of the most common forms of multi-factor authentication is the use of passwords and security tokens. Passwords can be easily compromised, so the use of a physical token, such as a smart card or key fob (see picture of a key fob below), can add an extra layer of security. These tokens generate a unique code that is required in addition to a password to access the account or information.
Another method is location-based authentication, which involves verifying the user’s location to authenticate their identity. For example, a bank may require a user to enter a password and then verify their location using GPS on their mobile device before granting access to their account.
Time-based authentication is another form of multi-factor authentication. In this method, a user must provide a password and then enter a code that changes at regular intervals, usually every 30 seconds. The code is generated by a security token or a mobile application.
Finally, there is behavioural-based authentication, which is based on the user’s unique behaviour patterns, such as typing speed, mouse movements, and swipe patterns. This method can be used in combination with other forms of authentication to further enhance security.
In summary, multi-factor authentication provides an additional layer of security to protect against cyber threats. By requiring users to provide more than one form of identification, it becomes more challenging for unauthorized individuals to gain access to sensitive information. While biometric authentication is one way to implement multi-factor authentication, other methods, such as security tokens, location-based authentication, time-based authentication, and behavioural-based authentication, do not rely on physical characteristics. By combining these methods, organizations can ensure the security of their digital assets and protect their users’ privacy.
Practical example
Consider Chris, who, when accessing their bank account using a smartphone app, is required to enter their authentication login and PIN/password. However, whenever Chris initiates a money transfer from their account to a third party, they receive an SMS containing an authentication token. This token must be entered into the app within the next 2 minutes for the transaction to proceed; otherwise, the transaction is cancelled. This mechanism provides an additional layer of confirmation that Chris is the one conducting the transaction, as it involves using information associated with the phone number within a specific timeframe.