June 8, 2021
As technology improves, cybercriminals are also getting smarter. A new dark web audit revealed 15 billion stolen credentials from 100,000 data breaches circulating among cybercriminals. With these credentials, fraudsters have the ability to take over bank accounts, infiltrate company trade secrets, access healthcare records, and much more.
That means the traditional username and password combo is liable to risk. Multi-factor authentication, which adds an additional authentication step to the login process, makes it harder for a criminal to steal information. If there are companies with only one factor of authentication that can be targeted, fraudsters will be less inclined to go after those where they will encounter multi-factor authentication hurdles.
Note that, though crucial in today’s landscape, multi-factor authentication comes with its own set of costs and benefits. First, we will brief you on pandemic-related identity changes that will have an impact on authentication moving forward. Next, we’ll take you through a breakdown of what is multi-factor authentication, and some of the prominent advantages and disadvantages of using this form of authentication.
Digital identity in a brave new world
The world is facing an uncharted ascent into the new digital landscape. We are riding an abrupt, steep curve of change that none of us could have known prior to the onset of the pandemic. The number of people needing to transmute physical identity credentials into digital identities has skyrocketed, increasing the importance of strong authentication.
In the whitepaper Future of Identity 2.0, Mitek’s CTO, Steve Ritter, outlines six significant identity-related change vectors that have sharply increased in velocity since the pandemic, but are all interrelated.
Read Steve Ritter's new whitepaper, Future of identity 2.0 - Digital identity in a new world - the future came faster
- We’re transitioning from being digital-optional to being digital-centric
- Fraud is soaring so better identity verification is key to containing it
- We need to strike the right balance between less friction and more security throughout the entire customer journey
- Trust is emerging as the primary enabler of business growth
- More attention needs to be paid to who enters the “front door” since this affects all subsequent transactions
- Understanding individuals at scale is crucial to responding effectively to complex systemic changes, like the pandemic
What is multi-factor authentication?
Multi-factor authentication makes use of at least two factors of authentication when a user logs into any account or platform. A critical and vital weapon against identity theft, fraud, and unauthorized access to private company or personal information, it adds a second or third (or more) factor to the login process.
The first factor is typically a username and password, which is something the user knows and remembers. The second could be a variety of factors like biometrics, a security question, or a keycard.
Adding this additional layer of security in the login process helps ensure the safety of employee and customer data, as well as sensitive company data.
Types of authentication
There are several types of authentication to choose from. These include:
- Traditional username & password. This is usually the first factor of authentication. Other factors are used to ensure additional security.
- A one-time password (OTP). This is a common second factor in multi-factor authentication. It requires users to enter a short code sent to them via text or email, thus verifying their identity.
- Security questions. Security questions for which answers have been set in advance are also used as a common second factor.
- Document centric. Users can be asked to upload a selfie with a picture of their photo ID or passport, confirming that they are indeed the owner of the ID. This is commonly used in job applications and exams.
- Biometrics. These are considered the most secure form of authentication since biometric data is extremely hard, if not impossible, to fake. Forms of biometrics include:
- Face recognition
- Retina scan
- Fingerprint scan
- Voice recognition
- Behavioral biometrics (speech and typing patterns, etc.)
Other types of authentication include PKI (public key infrastructure) based personal authentication certificates, key cards, a secret pin, SMS or app-generated codes, and more.
Costs of multi-factor authentication
Though highly secure, multi-factor authentication has its drawbacks, including:
- Consumer friction. One of the major issues with multi-factor authentication is that it’s an obstacle for people who want to login to their accounts as quickly and smoothly as possible. This could cause customers to abandon the process during onboarding or leave the platform in frustration.
- Bias and Inaccuracy. Poor implementation of authentication technology can lead to false negatives due to inherent demographic biases in the biometric authentication system. Moreover, most common biometric methods rely on partial information for identity verification. This can lead to false rejects and false accepts, preventing some genuine users from accessing the system and allowing malicious players in.
- Biometrics can be spoofed. Although biometrics are extremely hard to spoof, it is not impossible. And once compromised, the data cannot be reset. This is a significant drawback as passwords can be reset and changed.
- High implementation cost. To balance a secure system with user convenience, sophisticated hardware and integrations are required. This makes it costly to implement multi-factor authentication systems.
Benefits of multi-factor authentication
- Improves user experience. When stringent password policies are implemented in companies, IT teams are often weighed down with password resets. Multi-factor authentication ensures security without requiring such cumbersome resets or complicated policies.
- Provides greater security. People often use the same passwords for multiple accounts, making identity theft easy to commit. Multi-factor authentication adds an extra layer of security, making it harder for cybercriminals to hack into people’s accounts.
- Protects against brute force attacks. Brute force attacks usually involve hackers using trial-and-error to guess passwords or encryption keys. However, these won’t work if there is an additional step involving an OTP or biometric authentication for login.
- Reduces cost in the long run. Setting up a multi-factor authentication system can be costly in the short term. However, the costs associated with a security breach, which becomes more likely without multi-factor authentication, are far greater.
From these arguments, it’s evident that authentication is here to stay as it provides a much more secure environment for users and companies alike. As hackers become more sophisticated, authentication techniques also continue to evolve. The right solution will be unique to the challenges faced by each enterprise. But what’s clear is that with the right solution, it’s possible to ensure a safe, smooth, and convenient user experience while keeping fraudsters at bay.
