Multi-Factor Authentication (MFA) is a method of computer access control that adds an extra layer of protection on top of your user name and password. With MFA a user is granted access only after successfully presenting several separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge (something you know such as a password or personal identification number (PIN)), possession (something you have such as a cryptographic identification device, smart card or secure token), and inherence (something you are: Biometrics such as fingerprints, iris, face, palmprint, etc.). The goal of MFA is to create a layered defense and make it more difficult for an unauthorized person to access a target such as a physical location, computing device, network or database. If one factor is compromised or broken, the attacker still has at least one more barrier to breach before successfully breaking into the target.
A good example from everyday life is the withdrawing of money from a ATM; only the correct combination of a bank card (something that the user possesses) and a PIN (personal identification number, something that the user knows) allows the transaction to be carried out.
The use of multiple authentication factors to prove one’s identity is based on the premise that an unauthorized actor is unlikely to be able to supply the factors required for access. If, in an authentication attempt, at least one of the components is missing or supplied incorrectly, the user’s identity is not established with sufficient certainty and access to the asset (e.g., a building, or data) being protected by multi-factor authentication then remains blocked. The authentication factors of a multi-factor authentication scheme may include:
- Something the user has: Any physical object in the possession of the user, such as a security token (USB stick), a bank card, smart card, a key, etc.
- Something the user knows: Certain knowledge only known to the user, such as a password, PIN, TAN (transaction authentication number), etc.
- Something the user is: Some physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, face, electronic signature, pattern in key press intervals, etc.
- Somewhere the user is: Some connection to a specific computing network or using a GPS signal to identify the location.
Related Products
Related Articles
FEITIAN achieved the FIDO Biometric Component Certification
Beijing, China and Santa Clara, CA — April 29, 2021 — FEITIAN has been qualified to be the first security key and smart card vendor to achieve the FIDO Biometric Component Certification. This is mandatory to qualify for FIDO
EyeLock Secures Contract in Egypt with its Portable Template Technology
NEW YORK, April 21, 2021 -- EyeLock LLC, a leader of iris identity authentication solutions and subsidiary of VOXX International Corporation (NASDAQ: VOXX), announced today that it was awarded a contract to control the access of individuals into the four data center
EyeLock Releases EyeLock ID® – Simplified Logical Access for On-Premise and Remotely Connected Workers
NEW YORK, Sept. 22, 2020 -- EyeLock LLC, the leader of iris-based identity authentication solutions, announced today the release of its highly anticipated EyeLock ID® logical access system for connected workers. Recognizing that passwords and usernames are things of the
Ping Identity Builds and Matures Zero Trust Security Infrastructures
December 17, 2019 09:00 AM -- DENVER--Ping Identity (NYSE: PING), a pioneer in Intelligent Identity solutions, today announced its continued support for enterprises in developing a Zero Trust security infrastructure with new capabilities, practical guidance, and technology integrations. As organizations
RSA® and Yubico Partner to Address Growing Digital Risks of the Modern Workforce with Enterprise-Grade FIDO Authentication Solution
December 10, 2019 09:00 AM -- BEDFORD, Mass. -- RSA (@RSAsecurity), a global cybersecurity leader delivering Business-Driven Security™ solutions to help organizations manage digital risk, will extend its enterprise offering of modern authentication and identity assurance
Yubico Launches Enhanced Authenticator App Suite for Secure Authentication on iOS, Android and Desktop
December 09, 2019 09:00 AM -- PALO ALTO, Calif. & STOCKHOLM -- Yubico, the leading provider of hardware authentication security keys, today launched the latest version (v1.1) of its Yubico Authenticator mobile application for iOS. The app now extends support for