Multi-factor Authentication DemystifiedYou have probably come across the term multi-factor authentication of late. It is an IT buzzword today and is fast becoming one of the best practices of cybersecurity. So, what is multi-factor authentication, exactly? Read this blog to find out.
Multi-factor authentication, as fancy as the term sounds, is just multiple barriers to data access which adds to the security component. In simple terms, imagine, your data in a box and that box fit into another, and then into another--all with locks. It is basically adding layers of security to your data. In fact, we are already experiencing multi-factor authentication on a regular basis. For example, when you want to make a transaction online using your banking portal, chances are, it sends you an OTP (one-time-password) to your mobile number that’s registered with your bank. Some banking portals also ask you for the grid numbers on the back of your debit card, some online transactions using credit cards ask for CVV or expiry dates.
Even Gmail, Facebook, and LinkedIn use multi-factor authentication when they see unusual activity in your accounts such as a first-time log-in from a device you haven’t used before, or a log-in at a time that you don’t usually access your Gmail, Facebook or LinkedIn accounts. Going beyond OTPs, Facebook takes multi-factor authentication a notch higher by asking you to identify a couple of your friends on Facebook or your most recent profile picture.
According to Wikipedia, Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is). In simpler terms, that means,
- As the first layer of security, we have passwords, answers to security questions, PIN numbers etc.,
- The second layer includes authentication methods such as OTPs, security tokens, access cards, etc.,
- The third, and final layer is something personal to the user. Examples include biometric validation such as an eye scan, fingerprint scan, voice commands or facial recognition.