The problem with 2FA today
Many systems currently rely on SMS as a second factor for out-of-band authentication. This approach involves the sending of a short code to the user’s mobile number. The National Institute of Standards and Technology (NIST) is now recommending against the use of SMS for 2FA due to spoofing concerns. Alternative two-factor techniques require certificates on devices – forcing the user to have the device in hand.
For lost credentials, many systems rely on Knowledged-based Authentication. Users must provide information that only they would likely know. One problem is that this information is sometimes forgotten or unclear to the user. A bigger problem is that much of this knowledge is easily available to fraudsters on public sources.
The benefits of Biometrics for two-factor authentication
Biometrics enables a second factor of authentication that is not only independent of a user’s device, but also immediate. In the case of device or application login behavioral biometrics and/or facial recognition can be combined with a standard login and password to provide two-factor authentication with zero added friction.