Multi-factor authentication (MFA) is quickly becoming a best-practice in the field of cybersecurity. So what is multi-factor authentication, exactly?
Multi-factor authentication is just a term used to refer to multiple barriers to data access which increases the security of accessing that data..In practical terms, imagine your data in a box and that box fit into another, and then into another - each box with its own lock. Each lock adds a layer of security to your data. In fact, you probably already use multi-factor authentication on a regular basis. For example, when you want to make a transaction online using your banking portal, chances are the portal sends you an OTP (one-time password) to your mobile number that’s registered with your bank. Some banking portals also ask you for the grid numbers on the back of your debit card; some online transactions using credit cards ask for CVV or expiry dates.
Major cloud services such as Gmail, Facebook, and LinkedIn use multi-factor authentication when they see unusual activity in your accounts such as a first-time log-in from a device you haven’t used before or a log-in at a time that you don’t usually access your accounts. Going beyond OTPs, Facebook takes multi-factor authentication a notch higher by asking you to identify a couple of your friends on Facebook or your most recent profile picture.
Wikipedia defines multi-factor authentication (MFA) as an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is). In simpler terms, that means,
- The first layer of security includes passwords, answers to security questions, PIN numbers etc.,
- The second layer includes authentication methods such as OTPs, security tokens, access cards, etc.,
- The third, and final layer is something personal to the user. Examples include biometric validation such as an eye scan, fingerprint scan, voice commands, or facial recognition.
Even something as simple as withdrawing money from an ATM takes you through the multi-factor authentication process. You need to key in your PIN number (something you know) and use your debit card (something you have) to be able to transact successfully. With the rampant rise in cybercrime, businesses cannot rely solely on yesterday's authorization methods using only a single password or PIN to access their critical data.
Contact us today to ask about setting up a strong, reliable, multi-factor authentication system for your data.