For the user and website provider, it is
important to have a complete understanding of authentication to establish trust
in critical business processes. Here we discuss the three factors of
authentication.
·
Something you
know – a memorized information such as a word, phrase, number, code or fact
known only to the user.
·
Something you
have – having a unique item containing secret information such as a token code,
smart card or a USB-interface device.
·
Something you are
– all biometric such as the user’s voice, fingerprints, hand geometry, retinal
or iris scans and handwriting.
One-factor
Authentication
This is a traditional security process
where the user is required to enter a username and password to be granted
access.
Two-factor
Authentication
Two-factor authentication is a
single-factor plus a software- or hardware-generated token code, a smart card
or a USB-interface device. It is where the two authentication elements fall
under different categories with respect to ‘something you have’, ‘something you
are’, and ‘something you know’. A common example for a two-factor
authentication is withdrawing money from a cash machine. To withdraw, you will
need your bank card (something you have) and a PIN (personal identification
number) (something you know) to have a successful transaction. Another example
is when entering a password (something you know) and scan a fingerprint
(something you are).
Three-factor
Authentication
This is the use of three factors to
authenticate the user. The three factors meaning ‘something you know’,
‘something you have’, and ‘something you are’. This is a much-preferred form of
authentication as it is much more difficult for an intruder to overcome.
Authicon’s
Authentication
Most sites these days offer two-factor
authentication where you have to login and they send the code to your phone.
The problem with this sytem is that mobile phones are easily lost and stolen
and if another person has possession of the user’s phone, they could read the
text message and fraudulently authenticate. SMS text messages can also be
intercepted and forwarded to another phone number, allowing a cybercriminal to
receive the authentication code.
With Authicon, there is no need to use a
device. The second layer of protection offered by Authicon stays only on the
website where you have to login so there’s no worry of it ever getting it lost
or stolen. That’s the advantage of Authicon among other sites offering website
security. Source: http://blog.authicon.com/the-three-factors-of-authentication/!
No comments:
Post a Comment