Two-Factor Authentication

Two-factor authentication (or 2FA) uses two steps to confirm a user’s claimed identity: something they know (like a password) and something they have or something they are (such as a security token).

The problem with 2FA today

Many systems currently rely on SMS as a second factor for out-of-band authentication. This approach involves the sending of a short code to the user’s mobile number. The National Institute of Standards and Technology (NIST) is now recommending against the use of SMS for 2FA security due to spoofing concerns. Alternative two-factor techniques require certificates on devices – forcing the user to have the device in hand.

For lost credentials, many systems rely on Knowledged-based Authentication. Users must provide information that only they would likely know. One problem is that this information is sometimes forgotten or unclear to the user. A bigger problem is that much of this knowledge is easily available to fraudsters on public sources.

The benefits of Biometrics for two-factor authentication

Biometrics enables a second factor of authentication that is not only independent of a user’s device, but also immediate. In the case of device or application login, behavioral biometrics and/or facial recognition can be combined with a standard login and password to provide a two-factor authentication solution with zero added friction.

Strengthen authentication and reduce fraud
Reduce friction in the user experience
Eliminate the expense of token-based and one time password (OTP) systems
Works across desktops and mobile devices

IDSquared™ by ID R&D

IDSquared combines facial recognition and behavioral biometrics to turn a standard login and password into a two-factor authentication solution without introducing any extra effort for the user.