The Future of Multi-factor authentication
- 01 April, 2016 11:06
Most organisations have moved to two factor authentication for their online banking transactions, but in recent events all the big banks were attacked despite this already being in place.
The question then becomes if two-factor authentication is not sufficient, we need to just move to a multi-factor approach. Let’s recall the definition:
- Something you have – examples include: a physical card, a one-time–password token, or a smartphone, for example
- Something you know – examples include: a PIN, a password, or the answer to a personal question
- Something you are – examples include: a fingerprint, a retina scan, your voice
It would appear that having and knowing is not enough, then evaluating something you are what would be the appropriate biometric to utilise?
Biometrics – the Ears have it?
You can create an image of your ear over a number of cycles and these curves are translated into a series of numbers that can be used as an identification tool. Ears are not affected by facial expression or by differences in background scenery.
But people do wear jewelry and also hair \ glass frames may impede the image. Perhaps the ears are not the best option.
How about your Face?
Facial recognition is one of the most promising as we all carry a cell phone that is capable of being the input device. Most traditional face recognition systems measure the distance between the eyes, position of cheekbones, size of nose, jaw line, chin etc. The combined math of the measurement becomes a unique code.
The problem with traditional technology is that you have to stand still and be front on. However, 3D facial recognition sensors capture information about the shape of a face from all three angles and is less effected by lighting conditions.
Give me a Hand?
Most of us already use Fingerprints with our iPhone. Fingerprint identity technology compares the pattern of ridges and furrows on the fingertips.
But Fingerprint technology is not good for industrial applications, due to dirt and in these instances Hand geometry is more suitable. This approach measures the dimensions of a hand and compares those to a file copy.
Eye for Details?
There are technologies to scan the Iris or Retina. Retina scans have been adopted as military grade, there are downsides as requires you to sit still for about 15 seconds.
Please Talk to me?
Voice biometrics are however a good way to authenticate. When this is used with a random phrase, then the approach has strong security and therefore hard to break.
Intel and Microsoft to the rescue?
Hardened Multifactor Authentication is the answer so how do we all move forward? This has been a cost tradeoff that few wanted to tackle. But we now have Intel and Microsoft with new announcements that would move this cause.
Recently announced was Microsoft’s Active Authentication to allow enterprises to secure employee, partner, and customer access to cloud applications with multi-factor authentication. They have enabled multi-factor authentication support with Windows Azure Active Directory identities to help secure access to Office 365, Windows Azure and Dynamics CRM Online
The way this works is that after the normal entering of your username and password, the user is required to also authenticate with the Active Authentication app on their mobile device or via an automated phone call or text message.
Also recently Intel rolled out multifactor authentication (MFA) technology that will work in any new PC equipped with its 6th Generation Core processors. Named Intel Authenticate, this new technology represents a new powerful option.
Perhaps when can work out an approach that utilises Intel and Microsoft in tandem, perhaps we then will have a secure approach for all of us.
Participate in this short survey on IT security strategies across the Australian market and go in the draw to WIN a 360Fly camera vailued at $689.