Published on February 21st, 2015 📆 | 8252 Views ⚑0
Two factor authentication Solutions for more online security
Two-factor verification provides definite recognition of consumers by means of two different mechanisms. These mechanisms may already be known by the user, it may be something that the user has or something that is inseparable from the consumer. A good exemplar from everyday routine is the withdrawal of cash from a cash machine. Only the accurate arrangement of a bank card (something that the user has) and a PIN (something that the consumer recognizes) allows the deal to be made. Two-factor authentication is a kind of multi -feature authentication.
The use of two-factor authentication is to establish that one’s identity is when both the mandatory factors are used and are accurate. If one of the two is not there or is used inaccurately, a person’s identity cannot be recognized beyond doubt. Access to the office, access to any information or access to whatever is being secured by two-factor authentication remains locked if this is the case. The aspects may include something that the user possesses( such as a USB fix token, a card, a key etc.),something that the consumer knows (such as a username, security no., PIN, TAN etc.) and something that the consumer is and is indissoluble from (a bodily trait of the user, such as a thumbprint, iris, voice, etc.)
The main disadvantage of authentication done using something that the consumer possesses and one other feature is that the plastic symbol used (the USB, the card, the key or similar) must be carried by the user at all times. If this is stolen or misplaced, or if the user simply does not have it, access is not granted. There are also expenses involved in obtaining and subsequently restoring tokens of such a kind. Additionally, there are intrinsic disagreements and inescapable trade-offs between usage and safekeeping.
Cell phone two-factor authentication was made to provide a new method that would evade such issues. This approach uses mobile devices such as cell phones and smart phones to be “something that the user possesses”. If users want to validate themselves, they can use their private access license (i.e. something that only they know) and a one-time-valid, organic password made of digits.
The code can be sent to their cell phones via a SMS, email or via a particular application. The benefit of this technique is that there is no need for an extra, devoted token, as users are inclined to carry their mobiles with them at all times anyway. Some expert two-factor authentication solutions also guarantee that there is always a valid password available.
If the user has already used a series of digits, this is involuntarily deleted and the system sends a new password to the mobile. If the new password is not entered within a particular time limit, the system automatically substitutes it. This guarantees that no previous, already used passwords are left on mobiles. For more security, it is feasible to state how many faulty entries are allowed before the system stops the right of entry.
Most of the big online companies uses two factor authentication, companies such as google, apple and most of online bankings services.