Corporate Partners

Part 1:The business drivers and technology basics of two-factor or multi-factor authentication

Australia can lead the world by implementing a federated national multi-factor authentication system

The Prime Minister’s Department invited submissions to “Cyber Security White Paper” late in 2011. This is Brass Razoo’s submission that prosecuted the case for Australia to adopt a federated multi-factor authentication that could be deployed nationally. By extending existing identification systems administered by Government and Financial Service providers, the nation could build an identification and security system that would be the envy of the world.

The business drivers and technology basics of two-factor or multi-factor authentication will be covered in Part 1.Part 2 will address the glue that binds the system together, open standards. In much the same way that open standards have propelled open source software into the stratosphere, the analogy could be used to build an Australian federated system built upon these open standards to create a security infrastructure that leads the world. The final part in the series will present implementation guidelines and summaries the benefits to the nation.

To provide the best level of data protection for Australian businesses and its citizens, an opt-in system of token based two factor authentication should be implemented. The system would be built upon a robust set of open security standards and collaboratively administered by those currently entrusted with issuing identification instruments. The cost would be borne by the individual or a commercial sponsor and ideally, comprise a software token (mobile phone) and hardware authenticator (credit card, driver’s licence, USB key or other hardware device) to meet business availability and continuity demands. With the Finance industry actively participating in the development of the new system, the setup costs would be negligible and by implementing a single compatible system across the nation, greater economies of scale would reduce operating costs and reduce losses from fraud. Of utmost importance is that Australia would lead the world in protecting its online users from risks posed by fraud and identity theft.


Join the CSO newsletter!

Error: Please check your email address.

More about AISAFacebookGoogleMicrosoftPayPalRadiusRSASCO


Francis Gould


I strongly believe in the ability to offer MFA for every service. Why should one rely solely on insecure and broken static passwords? I love the google type service where one can telesign into their account with their phone. You can receive a text or call, I have a friend who gets his call in Spanish, and it seems pretty customize-able. Why does Australia push for a service like this that can apply towards all users without requiring extra hardware?



I definitely think this is the way of the future! A strong password is not as strong as one my think, the truth is usernames and passwords are not secure anymore. To be best way to be protected with your online accounts, is activate the two-factor authentication technology where users can telesign into their account. For me, the 30 seconds it takes to have the peace of mind that my account won't get hacked and my credit card and personal information isn't up for grabs is well worth it.

Comments are now closed

Market Place