What is Multi-Factor Authentication?
Multi-factor authentication (MFA or sometimes known as two-factor authentication) is a security measure that requires some form of proof other than your password to access an account. Often acceptable forms of proof are something a user has, knows or is. Some examples of the proof you may be required to provide include:
- phone call
- time-based, one-time password
- password generator app
- user-selected PIN
- physical characteristic (biometrics like fingerprints or voice)
- physical token like a bank card, key or USB stick
There are many services that offer the option to enable multi-factor authentication, though it often must be done so manually.
You’ve likely used at least one of these other types of authentication called Dynamic Knowledge-Based Authentication and Static Knowledge-Based Authentication. Dynamic Knowledge-Based Authentication uses questions based on information about you that can be pulled from records like your credit or rental history. Have you ever picked three security questions as part of an account set-up process? That is part of what’s known as Static Knowledge-Based Authentication because the answers to those questions as well as the questions themselves never change, though they may circulate in random order.
Why is Multi-Authentication Important?
Most web application attacks occur because of weak or stolen user credentials (more than 90 percent) so enabling MFA on your accounts is well worth the decision.
Passwords alone aren’t enough to protect you from having sensitive information leaked or stolen and still can leave the door wide open for hackers. According to the 2017 Verizon Data Breach Investigations Report, 81% of breaches occur because of weak or stolen passwords. This data is over a couple of years old, so the likelihood that the percentage is greater or at least consistent is high – that is, unless user behavior and perception towards account security changes, in which case, it really hasn’t.
Multi-authentication adds an extra layer of security to your accounts and makes you less vulnerable to identity theft and other related cyber crimes.
When Should I Use Multi-Factor Authentication?
Multi-factor authentication is highly recommended for accounts that contain sensitive financial and health-related information such as banks or patient portals. You should also consider protecting your main email account with MFA because it’s a perfect gateway for hackers to access all of your other online accounts.
Additionally, the rate at which hackers are expected to continue targeting mobile is likely going to skyrocket even further in 2020. According to the RSA 2018 Current State of Cybercrime report, sixty-five percent of fraud transactions start on mobile devices.
Mobile malware has surpassed desktop, most of which comes from third party mobile app stores. And according to the report above, fraud via third party mobile apps has increased by 600% since 2015.
In light of these startling facts, you should absolutely consider using MFA when it comes to your mobile devices.
As cyberthreats become more sophisticated, security must also evolve. This is a big reason why many have turned to the adaptive multi-authentication model. Unlike 2FA which may require tokens or challenge questions, adaptive multi-authentication monitors behavioral patterns over time to ensure security.
Examples of types of login behavior this technology looks for include:
- device type (corporate authorized)
- location (IP)
If it sees irregularities or unfamiliar habits it has the ability to lock the user out. Many prefer this method over 2FA because it adapts to the user, is flexible and believed to be more cost-effective.
When you decide to use TPV Ninja, you’re making the choice to collect your users’ information safely and securely. Additionally, integration with most CRM and CMS systems is seamless and we can guarantee a savings of up to 50% on your current TPV costs. Request a live demo today and see how TPV Ninja is helping countless companies save time and money while building trust with their customers.