Multi-Factor Authentication, an Intro.
Authentication is the process of verifying the identity of someone or something. From software to a safe house, the owner needs an authentication mechanism to ensure privacy. Authentication is therefore essential in our daily lives.
User Authentication Factors
Authentication factors are the kinds of evidence used to authenticate a user. Three such factors are described below.
1. Something the user knows (knowledge)
This is something you know that can be used to authenticate yourself, such as passwords, PINs (Personal Identification Numbers), OTPs (One-Time Passwords), etc. It can also include answering security questions whose answers you saved when setting up the authentication.
The knowledge factor of a user can be guessed, shared, or stolen through brute-force attacks, phishing, social engineering, etc.
2. Something the user has (possession)
This is something the user owns, such as OTPs delivered via smart apps or SMS, smartcards, and physical security tokens. A well-known example is the use of smartcards at ATMs and when making card payments.
A possession factor owned by the user can be stolen by someone and used to manipulate the user.
3. Something the user is (inherence)
This identifies you biologically through retinal scans, fingerprints, voice authentication, facial recognition, and other biometrics. These biological traits offer strong protection until they are copied. Once a trait is copied, there is no way to make the copy useless short of changing your biological identifiers.
You should now have a clear idea of the authentication factors.
Therefore, a single-factor authentication method cannot give us secure authentication, because breaching single-factor authentication gets easier as technology advances.
Multi-Factor Authentication, a solution.
Multi-factor authentication (MFA) combines two or more of the authentication factors mentioned above. Having multiple instances of the same factor is not MFA.
This provides layered security by using multiple factors to perform authentication. Even if an attacker cracks one of the factors, there is still at least one more layer to breach before the target can be attacked. In addition to the single factor used to authenticate, another proof of identity is required. This raises the security level compared to single-factor authentication.
A simple scenario to explain the usage of MFA would be the ATM system. When you want to withdraw money from your bank account from an ATM, you need your ATM card and should also know the card PIN. Knowing only one factor will not allow you to proceed with the withdrawal. Here, possession and knowledge factors are used in combination.
Because the above example uses two factors, methods like it are called 2FA (Two-Factor Authentication) and are considered the initial stage of MFA.
With the development of machine learning and AI, additional improvements such as time-based, location-based, and adaptive or risk-based authentication are also being used in MFA.
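The rule that two instances of the same factor do not make MFA can be checked mechanically. The following is an added example, not part of the original article; the method names and their grouping into factors are assumptions based on the factor list above.

```python
from enum import Enum


class Factor(Enum):
    KNOWLEDGE = "something the user knows"
    POSSESSION = "something the user has"
    INHERENCE = "something the user is"


# Assumed method names for this example, grouped as in the factor list above.
METHOD_FACTOR = {
    "password": Factor.KNOWLEDGE,
    "pin": Factor.KNOWLEDGE,
    "security_question": Factor.KNOWLEDGE,
    "smartcard": Factor.POSSESSION,
    "otp_app": Factor.POSSESSION,
    "sms_otp": Factor.POSSESSION,
    "security_token": Factor.POSSESSION,
    "fingerprint": Factor.INHERENCE,
    "face": Factor.INHERENCE,
    "voice": Factor.INHERENCE,
    "retina": Factor.INHERENCE,
}


def verified_factors(checks):
    """Return the distinct factors proven by (method, passed) pairs."""
    factors = set()
    for method, passed in checks:
        if method not in METHOD_FACTOR:
            # Fail closed: an unclassified method must not count as a factor.
            raise ValueError(f"unclassified method: {method!r}")
        if passed:
            factors.add(METHOD_FACTOR[method])
    return factors


def is_mfa(checks, required=2):
    """True only if at least `required` different factors were verified."""
    return len(verified_factors(checks)) >= required


if __name__ == "__main__":
    # Constructed sample logins.
    print(is_mfa([("smartcard", True), ("pin", True)]))               # ATM case
    print(is_mfa([("password", True), ("security_question", True)]))  # same factor twice
    print(is_mfa([("password", True), ("fingerprint", False)]))       # second check failed
```

A failed check contributes no factor, so a correct password followed by a rejected fingerprint still counts as single-factor.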
Conclusion
Users can easily set up MFA and increase security by giving their systems a layered defense. It is also stated that MFA can prevent 99.9% of attacks on systems and accounts.
Therefore, as the experts suggest, MFA should be considered so that the protection of our systems and accounts is kept at as high a level as possible.
Finally, because advances in technology also improve breaching techniques, we should upgrade our MFA factors in step with those advances so that the factors are not compromised in the near future.